Total Clients: 1,000SunRay Clients / SunRay Server: 100Thin Clients / Terminal Server: 250Virtual Desktops / *Virtual Server: 24Vista Clients available 23% of the time (GPO)XP/Thin/Servers available 100% of the timeDesktop: 80wLaptop: 25wWyse: 4.5wSunRay: 4wServer: 240w
SLIDE NOTES: Desired configuration management in Configuration Manager reduces the complexities of monitoring configuration changes in even the most complex IT infrastructures. Administrators can easily monitor and capture configuration information of servers, desktops, laptops and mobile devices across their network and evaluate the compliance of those devices against regulatory and corporate requirements. You can use Configuration Manager to remediate non-compliant systems with software distribution that automatically targets computers reporting non-compliance. By helping businesses ensure that systems remain in compliance with a defined desired state, Configuration Manager can enhance IT systems availability, security features and performance while streamlining systems compliance efforts.Configuration Manager sets a configuration baseline for a collection of devices, defined by location, role or use. These baselines can be comprised of OS level, patch level, application presence/version or business rules. Once established, these baselines can then be enforced by policy at regular intervals and used to protect the infrastructure. You can identify required, approved and prohibited configurations for clients, servers and applications.. Baseline configuration knowledge in Configuration Manager 2007 can come from several sources. Administrators can build their own configuration baselines or they can import Configuration Packs from Microsoft or third party software vendors. Configuration Packs are best practices that Microsoft and other software vendors create to identify common configuration errors for applications and operating systems that compromise system availability. Configuration Packs also help IT departments identify security vulnerabilities, as defined by Microsoft and other software vendors, across their enterprise.Use improved control of IT systems to help ensure they comply with a defined desired state, enhancing availability, security features and performance while streamlining your systems compliance efforts. CUSTOMER ANECDOTES: The privacy requirements of the federal Health Insurance Portability and Accountability Act (HIPPA) require healthcare providers to encrypt the hard drives of laptop computers and other mobile devices that contain patient information. But, as an academic institution with decentralized purchasing policies Wake Forest Medical Center couldn’t ensure that all laptops were loaded with the approved PointSec encryption software. With Configuration Manager DCM it can.
Traditionally, the desktop computing model has been one where the operating system, applications, and user data and settings are bonded to a single computer, making it difficult for users to move from one PC to another in case of upgrades or a lost or stolen laptop. This is a result of traditional OS/application installation and data storage technologies. With respect to desktop deployment, this means that the OS, application execution/presentation and user data are all self-contained within a single device. This model has the advantage of simplicity because it leverages well understood technologies that ship with Windows. In addition, because the PC is configured to be completely self-sufficient, this solution is well-suited to mobile use. However, the tight binding between the various layers may not be appropriate for all scenarios. Because of this, Microsoft has introduced new Windows deployment options that achieve similar results in terms of mobility but also enable increased flexibility. By reducing the dependencies between computing layers, Microsoft enables IT to free the different elements of the system from one another. Each layer can then use other system resources generically and does not need to be configured individually for specific systems. Resources can be used on any system, in real-time, on an as-needed basis. The layers can be brought together dynamically on the users’ machines. IT can also manage the layers separately from each other.In Windows Vista timeframe we are delivering technologies allowing to separate these layers of computing stack – with technologies such as Virtual PC and new Windows Imaging format (HW/OS separation); Terminal Services and Softgrid , now called MS Application Virtualization (OS/ Application separation); and Data & Folder Redirection ( Data separation from OS and Apps). Let’s see how these different technologies apply to different user scenarios
Mobile Workers These types of users are highly mobile due to travel and are frequently outside the corporate network. They use a variety of applications that are usually running locally (i.e. Office, CRM, etc.) and therefore require a rich computing experience. They also need the ability to access applications and data offline as well. Sample users include sales force and corporate executives. Office Workers These users are connected to the corporate network most of the time, and expect a rich client experience that can handle the broad range of tasks which fall under their responsibility. They use applications such as Office, CRM and ERP Line of Business (LOB) applications, as well as web and project management tools. Sometimes, these users need the ability to access run high-end, specialized LOB applications from within the corporate network. They need highly-performing, highly available computing solutions that provide reliable access. Many of these users move frequently from one workstation to another and therefore require a free seating environment. Sample users include financial traders, CAD engineers and graphic designers. Task Workers These users have more focused responsibilities usually based on data entry tasks. They tend to use a small number of LOB applications and are always connected to the corporate network. Usually they only need limited computing performance but like the Power Information Worker, need to move from one workstation to another in a free seating environment. Sample users include call center employees, bank tellers, factory workers and retail point of sale (POS) cashiers.Contract / Offshore WorkersThese one of the most challenging scenarios for companies to address. When organizations hire contract workers they need to give these users access to their corporate applications and data – to make sure these contract workers can be get their job done. So companies either cope with unmanaged, non-corporate PCs on their network or consider providing a company PC to a contractor, which can also increase costs dramatically. Access from Anywhere on the non-company owned PCSometimes people need to connect to their corporate environment from their home PC (i.e. non-company owned PC) or even from the road in some case of work emergency – also from the non company owned PC.Transition: Historically, it was very difficult for customers to address these needs – ensure these users get access to right applications and data, while making it securely and cost-effectively - due to the limitations of the traditional client computing.
We now have a comprehensive view of the Windows Vista Optimized Desktop solutions for the different customer scenarios. To summarize quickly: Mobile Scenarios. With Application Virtualization, Folder redirection, Bitlocker (Win Vista Enterprise), customers can enable the “Replaceable PC” scenario for mobile uses – providing flexibility of user settings; ease of user migration and the protection of the local data. Office Scenarios. With Application Virtualization and Folder redirection as well as Terminal Services for the critical LOB application, customers can enable the “Hot desking” scenario – providing free seating (applications and data follow user) and addressing compliance needs, while also having full flexibility of user settings and rich user experience for the productivity and CPU/ GPU intensive applications. Task Scenarios. From the organization’s standpoint, the most important capabilities for task worker scenarios are ensuring a secure, low-cost solution and enabling free-seating in an always-connected environment so that users can work productively from shared client devices, while data is stored securely and centrally. By offering , Windows Fundamentals for Legacy PCs, can extend the life on an old PC - delivering a low cost hardware solution, while also making an environmentally responsible action. With WinFLP machined and Terminal Services, task worker is given access to applications executed on the server, so the confidential data never leaves the data center, improving compliance and limiting risk of data theft. Contract/ Offshore Scenarios. When organizations hire contract workers they need to cope with unmanaged, non-corporate PCs on their network or consider providing a company PC to a contractor, which can also increase costs dramatically. A possible solution is that organizations can provide contractors with low-cost, often older PCs owned by the organization, and running Windows Fundamentals for Legacy PCs (WinFLP), while giving these contract workers access from a WinFLP PC to the applications and data they need to do their work, with Windows Vista Enterprise Centralized Desktop (hosted centrally from a Microsoft Virtual Serveror Windows Server 2008). One specific example of when companies can take advantage of such solution with Windows Vista Centralized Desktop would the outsourced software development and testing. Anywhere access Scenario. People working from their home PC, travelling without their company owned PC or unable to get to their office due to inclement weather or other disasters can continue work within their familiar environment while the IT department can protect corporate data and maintain control of the environment. With Windows Server 2008’s Terminal Services Gateway the administrator enable these users to access their desktop, applications, and data via Windows Vista Enterprise Centralized Desktop (VECD) and a remotely accessible dedicated Windows Vista virtual machine, from any PC running Windows Vista with Service Pack 1 or Windows XP with Service Pack 3 from the Internet through Internet Explorer. Transition : now we have an all-up view of the different scenarios companies face and the solutions we offer with Windows Vista Optimized Desktop to address these scenarios. Windows Software Assurance allows customers to take advantage of the these technologies and chose solutions that best meet their needs. Let’s take a look
The Microsoft Desktop Optimization Pack helps you every step of the way in accelerating and managing your desktop deployments. It is a suite of 5 technologies with a 6th technology that has been announced, but the acquisition has not closed yet. These applications work together to help you manage your desktop environment, lower TCO and be more responsive to users providing anywhere, anytime access to the OS and Applications.You can take advantage of it today with your existing OS, and deploying these technologies will also help with future upgrades. Access to the MDOP subscription is one of the most valuable benefits of Windows Client Software Assurance and a significant part of our Windows Client roadmap. We are committed to releasing updates annually, and continually investing in new technologies that you will have access to during the duration of your subscription.Let’s take a look at each of these products.
KEY TAKEAWAYS: We are not going to cause the same level of disruption as we did with Windows Vista. 2. The changes we made in WV caused problems, but the benefits are here now. The path to Windows 7 should be as smooth as the shift from RTM to SP1.In Windows 7 we are building on the advances we made in Windows Vista to help address emerging trends and technologies and meet the needs we’ve heard from our customers. Windows 7 will be built on the Windows Vista foundation and will inherit the quality improvements we’ve made in Windows Vista Service Pack 1 and Windows Server 2008.Compatibility with Windows Vista software, hardware and tools is an important goal of this release. In building Windows Vista we made some significant changes to the platform that had an impact on compatibility. Those changes were important and had a measurable improvement on security. Windows Vista is the most secure client version of Windows to date and experienced fewer than half the number of security vulnerabilities that Windows XP experienced in its first year, and fewer than one-fifth the number of security vulnerabilities as the nearest competitive operating system on the market. Windows 7 also benefits from these important changes, since we are not undoing the changes we made in Windows Vista that resulted in significant security improvements. This also means that customers still using Windows XP when Windows 7 comes out should expect a similar level of compatibility between Windows XP and Windows 7 as there is between Windows XP and Windows Vista. However, the upgrade from Windows Vista to Windows 7 should be easier, given compatibility between these two products. We recommend customers upgrade to Windows Vista now, then move to Windows 7 because the investments required to test and remediate applications, update deployment tools and processes, upgrade hardware will be similar—and you get the benefits of a more secure, modern operating system for a longer time. The client release of Windows 7 will be available in 32 & 64-bit versions.
Access Information Anywhere describes a broad set of investments that we are doing in Windows 7 to make users more productive no matter where they are and no matter where the application and data that they need to access resides. One of those investments is in search.As a result of the investments we’ve made in Desktop Search, leading customers who have deployed Windows Vista and the 2007 Microsoft Office System are experiencing great benefits in more easily and quickly finding information. Improved search capabilities are one of the biggest benefits end users find in using Windows Vista. Customers are also realizing huge benefits in using search to access information stored in corporate repositories—using solutions such as Microsoft Office SharePoint Server and Microsoft Search Server. But today these two worlds of enterprise search are separated. We have great solutions for desktop search and server search but they haven’t been brought together. One of our goals in Windows 7 is to provide a more unified search experience so that from the desktop users can also find information on corporate repositories such as SharePoint or online services. We are planning to use federation to make search results from online sources accessible within the desktop search experience. We also want to make it easy for IT to customize search defaults and locations to increase usage of intranet portals—maximizing the return organizations get from those investments.“Enterprise Search Scopes” enables IT, using Group Policy, to deploy links to appear on the user’s Start menu or in Explorer. This way, you can maximize your investments in SharePoint and Enterprise search by making it easy for users to search those destinations. The screenshot shows an example of how Microsoft could use this feature and how the search options would appear in Windows Explorer. IT could deploy a link to our intranet portal “MSW” for all users, and then on a division level we can deploy links to the portal for that division (e.g., Windows). If the user can’t find what they need on one site, they can easily re-scope their search to another one.
One of the goals of Windows 7 is to enable users to access the information that they need whether they are in or out of the office. In the past few years, Microsoft has made getting to email from outside the office easier. First we had Outlook Web Access, so we could access email through the web. Then we introduced RPC over HTTP, which just requires and internet connection to connect to the Exchange server.But users still have a challenge when accessing resources that are inside the corporate network. For example users cannot open the links to an internal Web site or share included in an email. The most common method to access these resources is VPN. VPN can be hard to use for users because it takes time and multiple steps to initiate the VPN connection and wait for the PC to be authenticated from the network. Hence, most remote users try to avoid VPN’ing as much as possible and stay disconnected from corporate network for as long as they can. At this point we run into a chicken-egg problem: Since remote users are disconnected, IT cannot manage them while away from work – remote users stay more out of date and it gets harder and harder to access corporate resources… With the capabilities Windows 7 enables, users who have internet access will be automatically connected to their corporate network. A user who is sitting on a coffee shop can open his laptop, connect to the internet using the wireless access of the coffee shop and start working as if he is in the office. The user in this case will be able to not only use outlook, but also work with intranet sites, open corporate shares, use LOB applications, and basically have full access to corporate resources. This solution is also very appealing to IT Professionals:Managing mobile PCs has always been an issue since they could be disconnected from the corporate network for a long time. With this work access solution, as long as they have internet connectivity, users will be on corporate network. Servicing mobile users(such as distributing updates and Group Policy) is easier since they can be accessed more frequently by IT systems.Deploying Windows 7 will not automatically enable this type of work access connection. You will have the choice to enable it or not and it will require some changes to your backend network infrastructure, including having at least one server running Windows Server 2008 R2 at the edge of your network. The solution takes advantage of Microsoft’s investments in IPSEC and IPv6 to provide secure connectivity even when not on the physical corporate network.
Even inside a single business different departments can have unique needs. For example, Branch Offices have issues and requirements that are different from the main office. Companies are investing in opening more Branch Offices to provide a work environment for mobile employees and reach more customers.This trend generates new challenges for both the end users and the IT Professionals:Branch Offices are usually connected to enterprises with a low-bandwidth link. Hence accessing corporate data located in the enterprise is slow for end users. To resolve customer pain points and increase user productivity IT Professionals are constantly looking for ways to improve network performance. With Windows 7, Microsoft will offer a software alternative to alleviate the problem—“Branch office caching”. The idea is to cache the corporate data downloaded by users locally in the branch office so it can be quickly accessed by others in the branch. With branch office caching, opening a document can take seconds instead of minutes.For example: Headquarters posts a large training presentation on a file share and sends an e-mail to all employees worldwide. The first employee who opens the presentation has to wait several minutes for the file to download across the WAN. After the file is downloaded Windows will automatically store that file in the cache for others to use. When the next employee tries to download the file Windows will automatically retrieve that file from the cache in the branch and the user can open it in much less time. The cache can be hosted on a server in the branch or distributed across a number of PCs. If the cache is distributed, the branch users automatically check the cache pool to see if the data has already been cached. If the cache is hosted on a server, the branch users check the branch server to access data. Each time the users try to access a file, the access rights of the user are authenticated against the server in the data center to make sure that the user has access to the file and is accessing the latest version.The solution enables users to have fast access to previously downloaded data in the branch and also frees network bandwidth for other uses.It caches content from Web and file servers running Windows Server 2008 R2, and if you use the hosted cache option in the branch office, that server much be running Windows Server 2008 R2 as well.
The other big investment we are making to Enhance Security and Controlisaround Application Control.The longer a computer has been deployed, the more the software on it drifts away from its desired configuration. These inconsistencies are greatly accelerated by installation and execution of non-standard software within the desktop environment. Users today bring software into the environment by bringing in software from home, Internet downloads (intended and not intended!), and through email. The result is a higher incidence of malware infections, more help desk calls, and difficulty in ensuring that your PCs are running only approved, licensed software. Coupled with compliance requirements in the enterprise through OCI, SOX, HIPPA and other regulations, enterprises are renewing efforts to lock down their desktops as a means to: Reduce total cost of ownership (TCO)Increase security to safeguard against data loss/threat of IT theft and to protect privacy Support compliance solutions by validating which users can run specific applicationsWith Windows XP and Windows Vista, we gave IT administrators Software Restriction Policies to enable the definition of application lockdown policies. However, SRP was difficult to implement because the rules were based on application hashes, which meant that they had to be re-created anytime the application was updated. Windows 7 reenergizes application lockdown policies with a totally revamped set of capabilities. AppLocker provides a flexible mechanism that allows administrators to specify exactly what is allowed to run on their systems and gives users the ability to run applications, installation programs, and scripts that administrators have explicitly granted permission to execute. As a result, IT can enforce application standardization within their organization with minimal TCO implications.For example, a rule could be written that says “allow all versions greater than 8.1 of the program Photoshop to run if it is signed by the software publisher Adobe.” Such a rule can be associated with existing security groups within an organization, providing controls that allow an organization to support compliance requirements by validating and enforcing which users can run specific applications.
Today, Microsoft virtualization products and technologies are already helping companies automatically match computing capabilities to business needs. Imagine your employees accessing their personalized desktop, with all of their settings and preferences intact, on any machine, from any location. Or the workloads running on servers in your data center automatically being redeployed to respond to a sudden surge in demand for a specific capability. Or your entire infrastructure restoring itself instantly following a catastrophic power outage. This is possible through Virtual Desktop Infrastructure technology. However, this is still an emerging area, and there are several challenges, including potential higher costs of running enough servers to support your users and the fact that users don’t have as rich a Windows experience when running a remote session. Keep in mind that using Windows features for VDI scenarios requires a specific VECD license.Let’s talk about some of the investments we are making in Windows 7 to make this type of virtualization more cost effective and provide a better experience for users. Richer Remoting Experience: When connecting to a Windows 7 PC, the user gets a richer experience more like a local Windows Desktop. These are some of the improvements that we are making to the user’s VDI experience:Graphics: Windows 7 enterprise will provide true Multi-Monitor support, for up to 8 monitors. A scenario where this functionality is critical is a financial trader who needs to view information on multi-monitors, while the organization wants to have the centralized security and administration of VDI. Other graphics improvements include Desktop Window Manager remoting to display Windows Aero and more efficient video remoting with Windows Media Player. Audio: Bi-directional audio to support microphones for VOIP and speech recognition. Better audio playback over low-latency connections to mitigate A/V synchronization issues when remoting video via bitmaps (Flash, Silverlight) .Devices: Easy print makes it easy for the user to print to the correct local printer from their client computer. PnP redirection provides support for redirection of Windows Portable Devices – this category of devices includes media players based on the Media Transfer Protocol (MTP) and digital cameras based on the Picture Transfer Protocol (PTP).Physical Boot from VHD: Some customers who use VDI also have a need to reuse that same image on a physical PC. For example, imagine a call center with 200 users, 100 who work onsite with a traditional desktop and 100 who work remotely. Both sets of users are in a highly managed environment and use technologies such as folder redirection and roaming profiles so that the user’s state is not stored in the image and not tied to the OS image. These highly managed machines are typically remotely reimaged frequently (for example, using PXE with WDS to bring down the image file everyday or whenever there is a problem). In these scenarios, you can take that image you use for the VDI users and deploy it to the managed desktop PCs in the office. This gives you the capability to use and maintain the same image for both deployment scenarios. Understand that while this technology opens up new deployment scenarios, there will not be 100% parity in the experience between WIM and VHD. This is why we only recommend physical deployment of VHDs to desktops in highly managed environments where the user’s state is not stored on the PC and you have the ability to remotely re-image the OS on the physical PC frequently. Some of the differences between booting from VHD and WIM are: VHD deployment is not recommended for mobile PCs because VHD will not support Hibernate/Sleep or BitLocker. Some features of WDS will not be available in a VHD install Setup.exe will not support installing Windows into a VHDVHD files are larger than WIM files so copying the file down will consume more network bandwidth and take longer when compared to a similar WIM.In Windows 7, our deployment tools, such as WDS, will also support deployment and servicing of VHD files. Note that the physical VHD boot feature does not use virtualization to accomplish the VHD boot, there is no hypervisor or virtualization involved. We are simply using the VHD file as a container to store the OS image. In Windows 7, you will be able to specify a local VHD file on the hard drive using the Boot Configuration Data (BCD) to boot from.
Let me tell you some more details about one of the ways we are Streamlining PC Management in Windows 7—Increasing Automation.Windows PowerShell is a Windows command line shell and scripting language that helps IT professionals achieve greater control and productivity. There were close to 1 million downloads of PowerShell in its first six months of availability, and PowerShell has been included in server products, including Exchange 2007 & Windows Server 2008. While PowerShell 1.0 has been available as a separate download for Windows XP and Windows Vista, PowerShell 2.0 will be included natively in Windows 7 so you can easily take advantage of it to automate the management of your clients. Examples of how PowerShell can help the IT Pro: -Execute a command on all PCs to check if the Anti-Virus software service is stopped, and automatically restart it if necessary-Modify the security rights on files or shares-Open a data file (or OS repository like WMI) and pass the contents into a pre-formatted output file like an HTML page or Excel spreadsheet-Automate .NET applications that expose its objects for manipulation-Search and output specific information from Event Logs With the remote automation capabilities that will be new in v2.0 , an administrator can create a PowerShell script to configure a specific setting or run a complex task – defragment the hard drive, close a firewall port, etc., all from one IT Pro’s workstation, and the script will run immediately on all targeted PCs (provided they are online, of course). PowerShell will NOT be exclusive to the Enterprise SKU.
The Optimized Desktop in the Windows 7 timeframe will offer even more unique value for SA customers than what we offer today. We have not completed the entire SKU plan for Windows 7, but wanted to let you know that we will continue to offer an Enterprise SKU for Software Assurance customers only that will have even greater unique value than the Windows Vista Enterprise SKU. The product features that were unique in Windows Vista Enterprise (relative to Windows Vista Business) will stay unique in Window 7 Enterprise: BitLocker™ Drive Encryption, Multilingual User Interface (MUI) Language Packs, Subsystem for Unix Applications (SUA).And in Windows 7 we will provide even more value than what was in Windows Vista Enterprise with additional exclusive features.The Windows 7 Enterprise SKU is just one part of the value we offer through SA. We encourage customers to license the Enterprise SKU as part of the Optimized Desktop, which includes the Microsoft Desktop Optimization Pack. This additional subscription gives you access to 6 additional desktop management tools and regular updates that help you get the most out of Windows. And you can take advantage of the MDOP tools today on your current OS without waiting for the next version to come out before you can realize value.
Optimizing Hardware Specifications to Your Organizational NeedsWhile the minimum requirements for the Windows Vista operating system are highlighted on the Windows Vista TechCenter, it is a good idea to validate hardware performance with your intended application stack and end user expectations before baselining your organization’s standard hardware specifications. When standardizing on Windows Vista operating systems – especially for those using the Windows Aero appearance settings – many organizations have found that 2 or more GB of RAM, 2 GHz or faster processors, and compatible graphics adapters yield good results. Organizations using Windows Basic appearance settings in their PC environment can reduce these recommendations considerably and approach published minimum system requirements for those PCs. This may be useful if your organization is in the middle of a hardware refresh cycle and would like to standardized the operating system version to qualified existing hardware. Depending on how workstations are used in your organization, you can tailor hardware specifications and operating system configurations – including appearance settings – according to your user roles and operational needs.
Optimized Desktop, Mdop And Windows 7
Windows Optimized Desktop Roadmap<br />Delivering Business ValueToday and Tomorrow<br />
Imaged on boot – zero residual image</li></ul>Windows Azure (Cloud Computing)<br />Windows Vista Compatibility<br />Windows Server 2008 Compatibility (same kernel as Windows Vista)<br />Source: Tactics to Compete versus a Thin Client, Jeff Johnson (email@example.com), Eduardo Kassner (firstname.lastname@example.org)<br />
Applications Drive Client Options<br />Most Applications Lead to Vista Compatibility<br />Thin Client<br />CE.NET<br />Diskless<br />Smart Client<br />XP/Vista/Win7<br />Managed<br />Smart Client<br />XP/Vista/Win7<br />Thin Client<br />XP Embedded<br />PDA<br />Pocket PC<br />Windows Mobile<br />Rendering<br />(TS or VDI)<br />Rendering<br />(TS or VDI)<br />Rendering<br />(TS or VDI)<br />Rendering<br />(TS or VDI)<br />Rendering<br />(TS or VDI)<br />Application Compatibility depends on the supported Development Stack and Presentation Capabilities of the device<br />One size DOES NOT FIT ALL<br />App1<br />App1<br />App2<br />App2<br />App2<br /><ul><li>Minimum footprint option
Imaged on boot – zero residual image</li></ul>Source: Tactics to Compete versus a Thin Client, Jeff Johnson (email@example.com), Eduardo Kassner (firstname.lastname@example.org)<br />
How has thethinclientmarketgrown…<br />2007 Worldwide Shipments<br />Thin Clients – 3 Million units (1.1% WW)<br />PCs - 264 million units<br />Source : Gartner, 2007 PC Market Size WW<br />7 July 2008<br />1999 Worldwide Shipments<br />Thin Clients – 700,000 units (0.6% WW)<br />PCs -- 113 million units<br />Source : IDC 1999 Enterprise Thin Client Year in Review - Jan 2000 Update IDC, 9/7/01<br />Thin client remain 1% of the market<br />Source: Gartner - Dataquest, 2 October 2008 ID Number: G00160724<br />“Dataquest Insight: Growth in Thin-Client Terminal Markets Points to a Fundamental Shift in Computing Architecture”<br />
So… what does Gartner recommend<br />“Hosted Virtual-Desktop Deployments Are Set to Accelerate”<br />Source: Gartner, Brian Gammage, Mark A. Margevicius, 28 July 2008<br />Recommendations <br />• Unless your organization has an urgent requirement to deploy hosted virtual desktops immediately, wait until 2009 before commencing deployment. By early 2009, improvements in how users connect to virtual desktops and manage hosted virtual-desktop images will be available. <br />• Recognize that hosted virtual desktops will be suitable for some, but not all, users. Ongoing technical developments will reduce the impact of network latency issues, but will not eliminate them. Application performance from hosted virtual desktops will not be adequate for all user needs. <br />• Define and optimize management processes for hosted virtual desktops just as you did for traditional PCs. Although hosted virtual-desktop images are centralized and more standardized, the capabilities for managing them across their full deployment life cycles remain incomplete. To remedy this, budget for additional point-solution management capabilities.”<br />Microsoft Confidential<br />
So… what does Gartner recommend<br />Gartner Publication Date: 28 October 2008 ID Number: G00160447<br />“Through 2010, HVDs will be best-suited to structured task workers and will require "persistent personalization" to become viable for a broader number of users.<br /> A nonpersistent, pooled-image approach will be suitable for many categories of structured task worker, but not for other parts of the workforce. Given the aggressive plans for HVD deployment cited to Gartner by many organizations, this will pose a barrier to deployment and likely will give rise to user satisfaction issues where deployments proceed too rapidly. Without a persistent pooled-image approach to HVD deployment (where user state and settings can be preserved from one work session to another), organizations likely will find that the HVD model works well for less than half of the user population targeted: Through 2010, deployments that overestimate HVD capabilities will reach less than 40% of target users. Organizations that can overcome this issue, either by swallowing the additional management overhead or by deploying a point solution, will increase their success rate. Organizations that deploy persistently personalized images will reach 60% of target users with HVDs in 2011”<br />Microsoft Confidential<br />
Saving $$$ with Rich Clients<br />User Benefits<br />IT Benefits<br />Improved productivity<br />Reduces search time by 42%<br />Up to $59 savings per year 1<br />Improved performance<br />Up to a 3.5x network throughputimprovement 2<br />Improved interface<br />Consistent, fast, reliable resume<br />Efficient Document Sync<br />Previous Versions (backup)<br />Savings<br />Green $55-$78 annual savings for desktops4<br />$11 (8%) savings per PC in service desk-related IT labor1<br />$26 per/PC cost-reduction benefit in Desktop Engineering & Support Costs1<br />Up to $605/PC annual savings for mobile systems5<br />Security Benefits3<br />60% fewer malware infections than Windows XP SP2<br />45% fewer high security vulnerabilities in year 1<br />1st Windows OS developed under the Microsoft Trustworthy Computing Initiative (Secure Development Lifecycle)<br />Management & Security Features<br />BitLocker Drive Encryption<br />2-way firewall w/ IPSEC(centrally managed)<br />User Account Control (UAC)<br />Single Global Image<br />“Managed Desktop”<br />Windows Defender<br />Internet Explorer (IE) Protected Mode<br />ActiveX/USB/Device Management<br />Imaging tools included<br />Single security patch supports multiple languages<br />Network Access Protection Client<br />Windows XP Compatibility* via:<br />Virtual PC 2007<br />Microsoft Enterprise Desktop Virtualization (MED-V)<br />1Whitepaper: Analysis of the Business Value of Windows Vista, December 2006, http://download.microsoft.com/download/2/8/1/281dda34-b8fc-4b4c-9848-c6fa2ba8fa8a/IDC_vista_whitepaper.pdf<br />2Enhanced Network Performance with Microsoft Windows Vista and Windows Server 2008, Document #207180, The Tolly Group, June 2007, http://download.microsoft.com/download/4/b/4/4b455e48-72c4-4a04-b9a5-892fd497087a/TollyResults.pdf <br />3 Microsoft Security Intelligence Report, July – December 2007, http://www.microsoft.com/downloads/details.aspx?FamilyId=4EDE2572-1D39-46EA-94C6-4851750A2CB0&displaylang=en & http://www.microsoft.com/security/portal/sir.aspx<br />4 Continental Airlines Vista Case Study Video (2008) & Windows Vista Energy Conservation, October 2006, http://www.microsoft.com/whdc/system/pnppwr/powermgmt/VistaEnergyConserv.mspx<br />5Reducing TCO with Windows Vista: Quantified Savings for Mobile PCs, Wipro Technologies and GCR Custom Research, September 2007, http://download.microsoft.com/download/f/7/e/f7ef20ff-6bcc-4348-897b-94b22911f2dc/WIP_GCR_TCOMobilityWP_v9a.pdf<br />
What about VDI TCO?<br />What about Terminal Server TCO?<br />What about Windows Vista? <br />What about Core IO?<br />Basic<br />Standardized<br />Rationalize<br />6,000<br />Typical Managed Desktop<br />VS<br />VDI Desktop<br />5,309<br />5,047<br />4,752<br />5,000<br />Soft Cost<br />4,354<br />Hard Cost<br />2,848<br />4,000<br />2,572<br />3,652<br />3,336<br />2,423<br />3,182<br />3,023<br />2,025<br />2,852<br />2,782<br />914<br />2,709<br />3,000<br />1,315<br />1,121<br />914<br />741<br />704<br />914<br />2,000<br />Costs<br />2,738<br />2,461<br />2,475<br />2,329<br />2,329<br />2,111<br />1,000<br />2,109<br />2,078<br />2,061<br />2,021<br />1,795<br />0<br />VDI Heavy Workload (4/CPU)<br />VDI Typical Workload (6/CPU)<br />Terminal Service32 bit<br />Terminal Service64 bit<br />VDI LightWorkload (8/CPU)<br />Windows XP<br />Windows Vista<br />Windows Vista<br />Windows Vista<br />Windows XP<br />Windows XP<br />* Data from Gartner, IDC and Research and Advisory Consulting<br />Microsoft Confidential<br />
And how does Gartner PC Configuration Magic Quadrant look like ? Dec 2008<br />FOCUS ON:<br />Deploy PC OSs, settings and applications. <br />Collect and manage hardware and software inventory. <br />Monitor the use of software applications. <br />Configure and deploy software, patches and other system updates to PCs. <br />Remotely control PCs for troubleshooting<br />
Desired Configuration Management<br />Define configuration baselines for your business, workload or other requirements across physical and virtual environments<br />Leverage Microsoft and third party Configuration Packs<br />Identify required and prohibited configurations for clients, servers and applications and report on compliance against those definitions<br />Improve systems availability, security, and performance by reducing problems associated with configuration drift<br />Remediate non-compliance<br />Once configurations supporting regulatory compliance are defined reporting is a streamlined effort <br />Dashboards provide immediate visibility into the status of compliance<br />Compliance<br />
iTunes<br />Sales Applications<br />HR Applications<br />WinZip<br />Adobe Reader<br />Second Life<br />Face Book Applications<br />MSN IM<br />One Off Application<br />One Off Application<br />One Off Application<br />One Off Application<br />One Off Application<br />One Off Application<br />Finance Applications<br />Development<br />Applications<br />Core Applications<br />Applications in Image <br />What makes up a desktop?<br />Hardware & OS<br />
Microsoft Virtualization Products<br />A comprehensive set of virtualization products, from the data center to the desktop.<br />Assets – both virtual and physical – are managed from a single platform.<br />User State<br />Virtualization<br />Data<br />App<br />Server / Desktop Virtualization<br />Folder Redirection<br />Offline files<br />OS<br />OS<br />Presentation Virtualization<br />Management<br />Desktop & Application Virtualization<br />OS<br />HW<br />Application Virtualization<br />App<br />App<br />App<br />OS<br />
So… what does Gartner recommend<br />Choosing From 10 Client Computing Architectural Options <br />Source: Gartner, Brian Gammage, Mark A. Margevicius. 10 December 2007<br />“The number of ways in which enterprises can deliver computing environments and applications to users has expanded dramatically — from two primary architectural choices to ten. <br />To meet changing business and user requirements, most organizations will embrace multiple delivery options, often in combination.”<br />Microsoft Confidential<br />
Microsoft Desktop Optimization PackEnterprise management tools for Software Assurance customers <br />1 Day Deployment<br />1 Day Deployment<br />Project Deployment<br />New<br />1 Day Deployment<br />1 Day Deployment<br />Project Deployment<br />
Windows 7 Builds on Windows VistaDeployment, Testing, and Pilots Today Will Continue to Pay Off<br />Similar Compatibility: <br />Most software that runs on Windows Vista will run on Windows 7. Exceptions will be low level code (AV, Firewall, Imaging, etc). <br />Hardware that runs Windows Vista well will run Windows 7 well.<br />Few Changes: Focus on quality and reliability improvements<br />Deep Changes: New models for security, drivers, deployment, and networking<br />
Enterprise Search Make Users Productive Anywhere <br />Situation Today<br />Search Federation<br />Consistent user experience for finding data from multiple locations, including SharePoint<br />IT can pre-populate links on Start menu and Explorer to preferred sites with “Enterprise Search Scopes” <br />Current desktop and Enterprise search solutions are good, but not integrated<br />Users need to take different steps to find data on PC and data on servers<br />Data sources are hard to discover<br />Windows 7 Solution<br />
Remote Access for Mobile Workers Make Users Productive Anywhere <br />Situation Today<br />DirectAccess™<br />Home<br />Office<br />Home<br />Office<br />New network paradigm enables same experience inside & outside the office<br />Seamless access to network resources increases productivity of mobile users<br />Infrastructure investments also make it easy to service mobile PCs and distribute updates and polices<br />Difficult for users to access corporate resources from outside the office<br />Challenging for IT to manage, update, patch mobile PCs while disconnected from company network<br />Windows 7 Solution<br />
Branch Office Network PerformanceMake Users Productive Anywhere <br />Situation Today<br />BranchCache™<br />Caches content downloaded from file and Web servers<br />Users in the branch can quickly open files stored in the cache<br />Frees up network bandwidth for other uses<br />Application and data access over WAN is slow in branch offices<br />Slow connections hurt user productivity <br />Improving network performance is expensive and difficult to implement <br />Windows 7 Solution<br />
Data ProtectionEnhance Security & Control<br />Situation Today<br />BitLocker To Go™<br />+<br />Worldwide Shipments (000s)<br />Protect data on internal and removable drives<br />Mandate the use of encryption with Group Policies<br />Store recovery information in Active Directory for manageability <br />Simplify BitLocker setup and configuration of primary hard drive<br /><ul><li>Gartner “Forecast: USB Flash Drives, Worldwide, 2001-2011” 24 September 2007, Joseph Unsworth
Gartner “Dataquest Insight: PC Forecast Analysis, Worldwide, 1H08” 18 April 2008, Mikako Kitagawa, George Shiffler III </li></ul>Windows 7 Solution<br />
Application Control Enhance Security and Control <br />Situation Today<br />AppLocker™<br />Eliminate unwanted/unknown applications in your network<br />Enforce application standardization within your organization<br />Easily create and manage flexible rules using Group Policy<br />Users can install and run unapproved applications<br />Even standard users can install some types of software<br />Unauthorized applications may:<br />Introduce malware<br />Increase helpdesk calls<br />Reduce user productivity<br />Undermine compliance efforts<br />Windows 7 Solution<br />
Virtual Desktop InfrastructureStreamline PC Management<br />Situation Today<br />Richer Remote Experience<br />Richer graphics with improved multi-monitor support<br />Use voice for telephony & applications with microphone support<br />Improved printing<br />Do More With VHDs<br />What is Virtual Desktop Infrastructure?<br />Maintain VHD: Offline servicing of VHD images with same tools used for WIM<br />Boot from VHD: Reuse VHD files for deployment to managed desktop PCs <br />Deploying desktops in virtual machines on server hardware<br />Centralized management & security<br />Users can access their desktop and applications wherever they are<br />*<br />Using Windows for VDI scenarios requires additional VECD license <br />Windows 7 Solution<br />
AutomationStreamline PC Management <br />Situation Today<br />PowerShell v2.0 In the Client<br />IT Pros rely on scripting to automate repetitive tasks<br />Previous Windows scripting languages were limited in scope and difficult to use<br />PowerShell helps IT professionals achieve greater control and productivity in managing servers<br />Use the same powerful tools for automation of servers and PCs<br />New graphical editor makes it easy for IT pros to learn and use scripting<br />Run automated tasks remotely across your entire organization<br />Windows 7 Solution<br />
Increased Value in Optimized DesktopContinued investments in SA value<br />Make Users Productive Anywhere <br />DirectAccess™<br />BranchCache™<br />Enterprise Search Scopes<br />Enhance Security and Protect Data<br />BitLocker™ & BitLocker To Go™ <br />AppLocker™ <br />Streamline PC Management <br />MUI Language Packs<br />Richer VDI Remoting & Boot from VHD(VDI requires VECD license)<br />Subsystem for UNIX <br />4 Virtual Operating Systems<br />Network Boot License <br />
Planning Your Desktop ExperienceWindows Vista Hardware<br />Optimize Standard Hardware Specifications to Meet Your Needs<br /><ul><li>Validate hardware performance against your intended application stack
7200RPM hard drives</li></ul>Organizations using Aero theme tend to have good experience with<br />Will improve experience but not required<br />Hardware specifications can be reduced when using the Basic appearance<br />
What to do Today<br />Microsoftguidance to optimize desktop infrastructure<br />