Praktiline Pilvekonverents: Updates That Simplify IT Management

Several welcome updates have been added to simplify IT management. Andres Nurk covered the main ones, such as Windows Server 2016, Windows 10 E3, ATP and OMS. Along with these updates, Windows Server licensing has also changed. Aleksei Räim gave a quick overview of what to keep in mind.

Published in: Business

  1. 1. Praktiline Pilvekonverents: Updates That Simplify IT Management. Andres Nurk, Cloud Automation Specialist
  2. 2. IT is being pulled in two directions Support business agility and innovation Provide secure, controlled IT resources By 2017, 50% of total IT spending will be spent outside of the formal IT organization* *Source: Gartner Group, 2016
  3. 3. Security threats Datacenter efficiency Supporting innovation
  4. 4. Datacenter efficiency Supporting innovation Security is top IT priority Security threats
  5. 5. Attack timeline 24–48 hours More than 200 days (varies by industry) First host compromised Domain admin compromised Attack discovered
  6. 6. Datacenter efficiency Supporting innovation Protect identity Help secure virtual machines Add built-in layers of security Security threats
  7. 7. Protecting privileged credentials. Diagram labels: Typical administrator (Ben, Mary, Jake; Admin, Domain admin); Just Enough and Just in Time administration (Capability, Time; Capability and time needed).
      • Credential Guard: Prevents Pass-the-Hash and Pass-the-Ticket attacks by protecting stored credentials through virtualization-based security.
      • Remote Credential Guard: Works in conjunction with Credential Guard for RDP sessions to deliver Single Sign-On (SSO), eliminating the need to pass credentials to the RDP host.
      • Just Enough Administration: Limits administrative privileges to the bare-minimum required set of actions (limited in space).
      • Just-in-Time Administration: Provides privileged access through a workflow that is audited and limited in time.
  8. 8. Features to help protect virtual machines. Diagram labels: Building perimeter, Computer room, Physical machine, Hyper-V, Virtual machine, Shielded virtual machine.
      • Shielded Virtual Machines: Use BitLocker to encrypt the disk and state of virtual machines, protecting secrets from compromised admins and malware.
      • Host Guardian Service: Attests to host health, releasing the keys required to boot or migrate a Shielded VM only to healthy hosts.
      • Generation 2 VMs: Supports virtualized equivalents of hardware security technologies (e.g., TPMs), enabling BitLocker encryption for Shielded Virtual Machines.
  9. 9. Security threats Transforming the datacenter Supporting innovation Datacenter efficiency
  10. 10. Security threats Datacenter efficiency Datacenter efficiency Transforming the datacenter Supporting innovation Resilient compute Software-defined storage Azure-inspired networking
  11. 11. Windows Server 2016 Hyper-V scalability. Capability: Windows Server 2012/2012 R2 Standard and Datacenter vs. Windows Server 2016 Standard and Datacenter.
      • Physical (Host) Memory Support: up to 4 TB per physical server vs. up to 24 TB per physical server (6x)
      • Physical (Host) Logical Processor Support: up to 320 LPs vs. up to 512 LPs
      • Virtual Machine Memory Support: up to 1 TB per VM vs. up to 12 TB per VM (12x)
      • Virtual Machine Virtual Processor Support: up to 64 VPs per VM vs. up to 240 VPs per VM (3.75x)
  12. 12. Increase reliability with cluster enhancements
      • Cluster OS Rolling Upgrade: Upgrade your fabric to Windows Server 2016, without downtime to workloads running on Hyper-V virtual machines.
      • Mixed OS Mode cluster: Provides ability for Windows Server 2012 R2 cluster nodes to operate with Windows Server 2016 nodes.
      • VM resiliency: Designed for cloud-scale environments, this helps preserve VM session state in the event of transient storage or network disruptions.
      • Fault domain-aware clusters: Enhances key operations during cluster lifecycle such as failover behavior, placement policies, heartbeating between nodes, and quorum behavior.
  13. 13. Nano Server installation option Just enough OS Third-party applications RDS experience Existing VM workloads Provides higher density, reduced attack surface and servicing requirements • Ideal for reducing datacenter footprint • Ideal for next generation app development
  14. 14. Complete software-defined storage solution. Diagram labels: Site 1, Site 2.
      • Storage Replica: Create affordable business continuity and disaster recovery among datacenters.
      • Storage Quality of Service: Prevent noisy neighbors from impacting high priority workloads with a Storage QoS policy.
      • Storage Spaces Direct: Use standard servers with local storage to build highly available and scalable software-defined storage.
  15. 15. Converged solution On-premises disaggregated solution Scale components separately in this model. Simultaneous scaling is possible when compute (Hyper-V) and storage components (Storage Spaces Direct) reside on the same cluster. Hyper-converged Scale compute, storage simultaneously Storage Software SMB3 Virtual machines on Hyper-V host Scale-out file server Storage Software Virtual Machines Scale-out file server Storage Software
  16. 16. Creating opportunity for growth Security threats Datacenter efficiency Supporting innovation
  17. 17. Security threats Datacenter efficiency Supporting innovation Supporting innovation Run existing apps with more security. Evolve existing apps with new technologies. Create innovative cloud-native apps.
  18. 18. Introducing containers for Windows Server Containers Traditional virtual machines = hardware virtualization VM VM VM Applications Kernel = Operating system virtualization Container Container Container Windows Server containers Maximum speed and density Container Container Container Hyper-V containers Isolation plus performance Container Container Container
  19. 19. Operations collaborates with developers to provide app metrics and insights. Physical/Virtual Servers Operations automates deployment and monitors deployed apps from central repository. Developers push containers to central repository. Developers build, test and update apps in containers, using development environment; i.e., Visual Studio. Containers are central to DevOps process
  20. 20. Ready for the cloud Improve IT efficiency & productivity Safeguard your business
      • Just in Time & Just Enough Administration
      • Windows Defender for malware protection
      • Trusted/Secure boot
      • Shielded Virtual Machines
      • Host Guardian Services
      • Enhanced Containers
      • Stretch Clusters
      • Rolling Cluster OS upgrades
      • Storage Spaces Direct
      • Storage Replica
      • Storage Quality of Service
      • Remote Desktop Services
      • Encrypted Virtual Machines and Containers
      • Azure Backup, Azure Storage, Azure Site Recovery1
      • Azure Active Directory1
      • RSMT Azure Remote Server Management Tools1
      • Operations Manager Suite1
  21. 21. Unlimited Windows Server containers Nano Server as deployment option Unlimited VMs Unlimited Hyper-V containers Storage features including: Storage Replica & Storage Spaces Direct New Networking Stack Shielded VMs and Host Guardian Service 2 VMs 2 Hyper-V containers** Essentials Edition 25 users / 50 devices No server CALs required 1 physical or virtual* Must be root of domain Workgroup / Standard Procs 1 / 2 RAM 32GB / 12TB SMB links 250 / Unlimited Max Users 50 / Unlimited Disk number 6 / Unlimited Enterprise class technology to drive any sized business Basic functionality of Windows Server Core functionality of Windows Server Unlimited, based on CALs Unlimited, based on CALs
  22. 22. Secure the OS: host & guest Host Integrity Guest Integrity Manage privileged identities Prevent credential theft Secure virtualization Monitoring/Detection Secure the OS: host & guest Host Integrity Guest Integrity Manage privileged identities Prevent credential theft Secure virtualization
  23. 23. Private clouds (Azure Stack, Hyper-V, VMware, OpenStack) Windows Server (Guest) Windows Server (Guest) Windows Server (Guest) Windows Server (Guest) Linux (Guest) Operations Management Suite
  24. 24. Operations Management Suite benefits
      • It’s simple: A single portal for all your management tasks. No infrastructure to maintain.
      • Time to value: Onboard fast. No content to create. Connects to your on-premises datacenter.
      • Easy to integrate: Add new servers, or connect to your existing management tools within minutes.
      • Hybrid and open: Manage workloads across Windows and Linux, hybrid and public clouds, Azure and AWS.
      • Extend System Center: Complements your System Center investment to unleash new management scenarios.
  25. 25. Operations Management Suite capabilities
      • Log analytics: Gain visibility across your hybrid enterprise cloud
      • Automation: Orchestrate complex and repetitive operations
      • Availability: Increase data protection and application availability
      • Security: Help secure your workloads, servers, and users
  26. 26. Microsoft Operations Management Suite Experience Center • Try OMS yourself • https://experience.mms.microsoft.com/
  27. 27. Pay as you go. Simplified IT. Best-in-class security. Does your business process sensitive data, operate in a regulated industry, or develop software in-house? Or is your business publicly traded? If so, get the increased security, controls and IT support that you need with Windows 10 Enterprise E3. Delivered as a cloud service and managed by your Microsoft Partner.
  28. 28. Microsoft empowers your users with best-in-class productivity across devices while providing IT security & control. Windows Enterprise E3 Enterprise Mobility Suite Office 365 These products can help your organization grow and stay agile while controlling costs with: Value: save by licensing users instead of devices Manageability: eliminate the need to count devices, for easier purchasing and compliance Flexibility: scale up or down depending on your needs with no need to commit up front
  29. 29. New Per User Licensing Model:
      • Simple and consistent license management based on users, eliminating the need for device counting
      • Easier to stay compliant
      • Re-assign licenses as needed
      • Align the management of your device licenses with other cloud-based services, such as Office 365
      Windows Enterprise with Software Assurance: x86 PC/Mac; Per Device (Traditional Model); Deployed on the desktop.
      Windows 10 Enterprise E3: x86 PC/Tablet PC/Mac; Tablet/Phone/Chromebook (RT/WinPhone/iOS/Android); Per User (New Model); Deployed in the cloud.
  30. 30. Enterprise-grade security Windows Hello* Windows Information Protection (to be delivered in the future) BitLocker Credential Guard Device Guard AppLocker Management Managed User Experience Deployment flexibility and enhanced controls Dynamic Provisioning Current Branch for Business Mobile Device Management Azure Active Directory Domain Join Domain Join and Group Policy Windows Store for Business Windows Update Windows Update for Business Client Hyper-V Remote Desktop App-V UE-V Branch Cache Direct Access Telemetry COIN Simplified licensing Subscription-based Access Per-User Licensing Central Partner Portal Cloud-based Provisioning Partner-managed IT Additional protection, flexibility, and control Pro Enterprise
  31. 31. Thank you!