Mission Critical
Capability Discussion Presentation
Engagement Approach
Audience
Solution road map
Solution areas Industry Horizontal
Business strategy
Integrated Capability Analysis => Projects, architecture, products
1. Present relevant integrated capabilities
2. Position the Integrated Enterprise Platform approach
Business executives
1. Understand business needs and priorities
2. Discuss range of potential solution capabilities
IT executives
Architects, IT pro/dev executives
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
Business Driver
Phase 1 Phase 2 Phase 3
IMPROVE BUSINESS EFFICIENCY WITHOUT ADDED COMPLEXITY
Improve workload management to support applications and services and provide maximum flexibility and scalability via quick and easy configuration of servers and rapid provisioning of applications and services with the ability to scale environments up and out
Back up server data that supports critical services in accordance with standard IT practices and help ensure recovery from damaged or lost data, hardware failures, and disaster via identifying critical applications and services based on value of data, cost of outage, and other business-driven metrics and via optimized techniques to ensure successful backup of all critical servers, applications, and services according to outlined recovery goals
Provide the ability to scale environments up and out to meet performance objectives for applications, even under increasing loads via tools for performance monitoring, troubleshooting, and auto-tuning to manage and monitor performance of mission-critical applications and services
Help ensure business agility by enabling a dynamic IT infrastructure to support applications and services, balance loads, and maximize resource usage for improved flexibility, scalability, and reliability via virtualization to consolidate multiple, underused physical servers; reconfigure virtual machines; provide flexible resource control; enable quick migration; and make server, networking, and storage more efficient
Provide support to accommodate planned downtime and reduce unplanned downtime without affecting availability of mission-critical applications via failover clustering and streamlined maintenance and disaster recovery options to eliminate single points of failure
Centrally monitor and manage the operation of critical server infrastructure, end-user systems, and services to adhere to service-level agreements (SLAs) via remote management of servers through the command line, automated scripts, and remote management services
Proactively manage performance by identifying potential performance issues and monitoring service levels across applications and services via defined resource limits and priorities for workloads that support predictable performance across workloads
Help ensure a stable and controlled environment for business-critical applications to meet service levels and to remain flexible and scalable to support, manage, and secure applications that are increasingly critical to business goals via a dynamic, reliable, and scalable virtualization platform combined with a single set of integrated management tools to manage both physical and virtual resources
Provide the ability to build, modify, and distribute scalable applications with minimal on-premises resources via cloud-based development, service hosting, and a service management environment that provides on-demand computing and storage to host, scale, and manage web applications on the Internet
Help ensure continual backup and archiving of data to speed up recovery and to enable rapid restoration across data centers that are located at multiple sites to achieve the appropriate level of availability defined by SLAs via continual or near-continual data backup and archiving based on workload, including multiple recovery points for fast rollback and recovery of essential services and one-touch application restoration across geographies and multiple data centers
Proactively plan for performance optimization initiatives by monitoring the performance and utilization metrics of servers, databases, applications, and services across the organization via centralized storage of performance data from across the organization in a performance management data warehouse to help monitor key performance metrics, and via configuring customized alerts that display when metric thresholds are crossed
Support for Priority Business Capabilities
Note to presenter: This is a template. Prune, add, and prioritize per BDM and TDM feedback. Ensure consistency with the “Business Priorities Guide” and the “Capability Discussion Guide”.
Business Driver
Phase 1 Phase 2 Phase 3
PROTECT BUSINESS ASSETS AND INTELLECTUAL PROPERTY
Help secure the IT infrastructure from attacks while preserving access to corporate resources, including applications and services via a secured environment through integrated identity and access management, policy validation, network restriction, and ongoing monitoring of network health that includes defense-in-depth policies across endpoints, servers, and the network
Provide more secure remote access to applications and services while enabling IT administrators to centrally manage network access and to control and monitor system health policies via enabling policy-based access and standardized security, management, and configuration controls; and centralized audits of system security for collecting, storing, and analyzing security event data
Enforce security measures and centrally monitor key security events to help identify and audit security breaches and compliance failures for all servers, applications, and services via reports and dashboards, flexible custom views, and configurable event logs to help IT investigate the causes of non-compliance and to take measures to establish appropriate policies, procedures, and controls
Help secure and manage users' internal and external access across systems, from virtually anywhere and any device across the organization via enforced security policies that provide robust protection and can flexibly support the connectivity needs of an increasing number of internal and external users, devices, system configurations, and network connection types
Help ensure automatic identification of security and compliance threats and automated mitigation of all deviations from security policy via detailed configuration auditing and reporting, measurement of security metrics, and performance of event analysis and correlation in real time
Provide a versatile and interoperable platform to enable more secure access to applications across multiple systems, networks, and organizations in different trust realms via federated security that provides a more secure and scalable service architecture across organizational boundaries
Support for Priority Business Capabilities
Business Driver
Phase 1 Phase 2 Phase 3
ACHIEVE RAPID TIME-TO-MARKET FOR COMPETITIVE ADVANTAGE
Lower barriers to build composite applications, scalable and custom web applications, and packaged line-of-business applications via an integrated and extensible application development environment that consistently supports various phases of the development cycle across diverse teams
Provide the ability to extend and unlock the value in existing line-of-business systems and enable future updates and replacements of these systems with minimal impact to the applications that consume them via implementing a services layer on top of line-of-business systems to make these systems available to other systems, applications, and business processes
Provide integrated tools for developing mission-critical applications that target multiple devices including desktop systems, hand-held devices, smart phones, web, and mobile devices via next-generation tools that support development of applications across a variety of devices, application types, and programming tasks and include the highest quality user experience
Aggregate individual services into composite services to provide a range of new capabilities focused on building robust, connected, mission-critical applications via an enterprise service bus that supports messaging patterns that enable dynamic service aggregation, message routing, validation, transformation, exception management, and fault tolerance
Provide the ability to form composite services from collections of individual services to help accelerate adoption, management, and reuse of services across the organization via implementing an enterprise-wide service catalog that has a well-defined, coarse-grained, business centric, and reusable shared services architecture that includes more secure access
Provide the ability to transfer or convert legacy applications and data from less cost-effective systems to systems based on Microsoft Windows via an integrated, robust, and extensible solution that includes consistent servers, clients, applications, and database management
Provide a full range of supported and fully integrated cross-platform network services to support interoperability while extending UNIX-based applications to Windows systems via enabling seamless access to information that is stored on multiple platforms, consolidating network management across platforms, integrating custom and legacy UNIX-based applications, and providing the ability to reuse UNIX applications and scripts in Windows
Provide the ability to integrate data from diverse sources that include legacy systems, and help present the data in a consistent way throughout the organization via enterprise-class data integration solutions to extract, transform, and load data from a wide array of data sources and the ability to share, secure, and manage interactive reports
Enable organizations to rapidly create more secure, manageable, and reliable mission-critical applications that include integrated workflows that better align with business processes and have enterprise-wide strategic impact via powerful and robust development tools that provide security advancements, management tools, and enhancements to build, test, and deploy highly reliable and secure mission-critical applications that include complex workflows
Provide a consistent development and management experience across customer premises and cloud environments via a reliable, secure, and trustworthy platform that enables on-premises and off-premises applications to work together
Aggregate business services into a set of dynamic, mission-critical business applications that extend beyond the firewall or organizational boundaries and enable proactive management of SLAs via adopting a standards-based, interoperable, reliable platform to help effectively manage heterogeneous systems by using dynamic versioning, control, updates, redeployments, and workload adaptability
Deploy a systematic and secure solution in the cloud that integrates with existing on-premises assets via a cloud-based solution that supports creating, prototyping, and deploying applications and integrates with the existing on-premises environment
Support for Priority Business Capabilities
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
IT Business
Today Future
Dynamic business agility and low TCO
Optimizing Finance Operations
Multiple Enterprise Solutions
Point solutions
Siloed, disconnected technology investments
High TCO | Low agility
Sales Effectiveness
Improving Customer Service
Integrated capabilities
Why the Integrated Enterprise Platform Approach?
Supporting Microsoft Technologies
Client Capabilities
Business Solutions
Solution Areas
Infrastructure Capability Integration
Infrastructure Optimization
Infrastructure Optimization Models
Business Productivity Infrastructure Optimization Model
Collaboration
Messaging
Unified Communications
Content Creation and Management
Application Platform Optimization Model
BI and Analytics Platform
Database and LOB Platform
Custom Development
Core Infrastructure Optimization Model
Datacenter Management and Virtualization
Device Deployment and Management
Identity and Security Services
IT Process and Compliance
Maturity levels shown for each model: Dynamic, Rationalized, Standardized, Basic
Relationships Between Integrated Capabilities
Application Platform Optimization
Integrated Enterprise Platform
Client Capabilities
Business Productivity Infrastructure Optimization
Core Infrastructure Optimization
Each capability has four levels of maturity:
Basic, Standardized, Rationalized, Dynamic
What are these used for?
Profiling integrated capabilities, leading to model common capabilities
Understanding dependencies
Planning advancement in services provided to lead to enterprise-class capabilities
Optimization Model Capability Maturity Levels
Multiple Solutions, One Platform
Use integrated capabilities for all of your business needs
Application Platform Optimization
Business Productivity Infrastructure Optimization
Core Infrastructure Optimization
Improve business efficiency without added complexity
Achieve rapid time-to-market for competitive advantage
Protect business assets and intellectual property
Operations
Human Resources
Sales
Finance
Business Benefits IT Benefits
Familiarity: High user familiarity; Faster adoption rate; Lower time to value
Agility: Fast, efficient deployment; Greater integration
Robustness: Consistent features; Data integration; Process integration
Scalable: Performance and reliability; Security; Support skills and processes
Lower TCO: Common support skills and processes; Lower integration costs; Low cost software
Sustainable: Continuity and long-term viability
Value of Integrated Capabilities from Microsoft
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
IT Challenge: Align with Business Goals
IT Strategy and Business Alignment
Operations Management
Innovation Enablement
Business Strategy and Goals
Cost center
More efficient cost center
Business enabler
Strategic asset
Time
Value
Optimizing the Integrated Enterprise Platform
Sophistication of the Solution
Phase 1
Provides basic support for the most critical elements of the business driver
Phase 2
Provides adequate, typical support for critical and priority elements of the business driver
Phase 3
Provides thorough, streamlined support for the business driver that enables differentiated levels of performance
PROTECT BUSINESS ASSETS AND INTELLECTUAL PROPERTY
ACHIEVE RAPID TIME-TO-MARKET FOR COMPETITIVE ADVANTAGE
IMPROVE BUSINESS EFFICIENCY WITHOUT ADDED COMPLEXITY
B S R D
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
A defined software library exists. Automated build with defined deployment and provisioning processes. Deployment and management of software updates are tool based. Capacity management processes are manual and reactive, resource utilization and capacity are monitored periodically. The organization actively uses virtualization to consolidate resources for production workloads. Some Production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. Services are available during server failure (e.g. server clustering, hot spares, and/or virtualization recovery solution).
Server Security
Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.
Networking
Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware, with support for auto configuration. Network quality of service (basic prioritization of applications and services) is standard, with manual allocation of available bandwidth. Wide area network traffic health and performance are monitored and reported. IPv4 is used for main transport services, with IPv6 used for some transport services (e.g., to achieve a larger address range).
Storage
If a single disk or system component fails, no data is lost but data availability may be interrupted. Storage is managed and allocated on highly available servers using virtual disks or dynamic disk volumes. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements.
Device Deployment and Management
Device Mgt & Virtualization
The majority of the installed client base has a minimum of one year of mainstream support remaining. Some applications are virtualized, but most are installed as packages or are included in the standard image. A solution is in place to configure and update devices. Mobile devices are managed by security policy provisioning (such as personal identification numbers) and remote wipe.
Device Security
Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process.
Identity & Security Services
Identity & Access
To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Password policies are set within a directory service to enable single sign on across boundaries for most applications. Password resets through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories.
Information Protection & Control
Persistent information protection exists within the trusted network to enforce policy across key sensitive data (such as documents and e-mail); policy templates are used to standardize rights and control access to information. Reporting is predefined for select server and back-office waypoints.
IT Process & Compliance
IT service portfolio aligns with individual business units; the IT service costs, returns, capacity, availability, continuity, and integrity are reported. IT policies are documented for each IT service. Each IT service has a formal definition of reliability. Each IT service has a process to manage bug handling and design changes; IT services are tested according to defined test plans based on specifications. IT service release and deployment processes are formally defined and consistently followed. Each IT service provides service-level and operational-level agreements. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Each IT service has its own change and configuration management process; standard changes are identified for each IT service. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Self service objectives and/or agreement exists, IT Service request process exists, fulfillment is manual. Defined orchestration with scripted processes to support manual execution.
Phase 1: Core IO
Basic Standardized Rationalized Dynamic
B S R D
Collaboration
Workspaces
Workspaces are managed at the departmental level and are available from individual productivity applications.
Portals
Multiple portals exist; directory services, authentication, and authorization are not uniform across portals, requiring users to sign in multiple times; user management methods are redundant.
Social Computing
Project Mgt
Information access
Interactive experience and navigation
Messaging
Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory.
Unified Communications
IM/Presence
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring
Multi-Device Support
Interoperability
User Accessibility
Phase 1: BPIO
Basic Standardized Rationalized Dynamic
B S R D
BI and Analytics Platform
Business Intelligence
IT provides access for users to sanctioned data sources as database connections, data feeds, or static data dumps, upon which users can easily perform ad-hoc queries and data analysis using Excel or other analysis tools. Users can share their analyses via a BI portal. Users may have access to more advanced self-service analytics tools to perform data mining or predictive analysis without dependence on IT or a Data Analyst. Some level of automation is in place to render data pulled from enterprise systems on dashboards, but is used for only strategic or high profile projects. Dashboards have integrated interfaces to allow users to roll-up and drill-down on live data.
Data Warehouse Management
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Key high-value data has associated formal data management policies and processes. Data governance may be recognized on a siloed basis, but not as a corporate discipline. Data and asset inventories and dependency relationships are manually documented periodically. Access policies for data and objects in databases are defined but not centralized, and do not reference data classifications. Administrative tasks are still performed using an over-privileged account. Security management is performed on a server-by-server basis. Systems are in place for retention backup. Organizational/departmental policies exist for how long items are stored and what is stored.
Application Infrastructure
Application messaging services used by development are aligned with standard application operating environments. Development and operations teams have the skills required to effectively and consistently make use of these technologies. Limited application component and service reuse strategies exist at the departmental or project level. Orchestration and workflow between applications is typically implemented via custom integrations. Applications are beginning to adopt web services or other standards implemented in operating environments to allow application components and common application services to interoperate as needed. Common application services and middleware component frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Limited application component and service reuse strategies exist at the departmental or project level. Common application services and runtime application frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Operations is beginning to rationalize to the standard common services and consolidate runtime platforms. Deploying applications is complex and process varies by application. Monitoring of applications uses IT infrastructure components and tools to monitor business process steps, workflow instances, health of applications and services, and the entire process at a summary level. The organization leverages application servers, and developers write very little system and management code. Management tools consist of utilizing included management software more fully. Built-in diagnostics exist for domain connectivity, services health, firewall settings, network connectivity, and for SOA runtime infrastructure.
Custom Development
Internet Applications
User experience is considered as an afterthought, if at all, during site development. Basic integration of rich technology (Silverlight, Flash, Java, etc.) exists, but is inconsistent throughout the site, and is generally used to provide islands of richness.
Component and Service Composition
Some use of reusable assets is supported by high-value services, components, and modules. Composition by IT departments requires advanced coding skills. Use of composition frameworks and tools happens on a project-by-project basis. SOA and portal components are not coordinated. Central IT provides managed and secure data services to some of the most commonly needed enterprise entities and provides business units with standard services to some key enterprise systems and for some standard needs like reporting and dashboards. LOB applications expose pre-built web parts that integrate with the company portal and are easily used by users. Developers are beginning to create components and services for the designated portal platform, though the efforts are exploratory in nature or focused on individual projects. The composite application portal has basic integration with existing business productivity desktop and enterprise applications (such as desktop applications and email). No discoverability of services is in place. Application models are highly descriptive of the application components and dependencies. Manual checks against the application map are in place to avoid impacts on services by component changes. Components and low-level services are documented manually, though the culture of management of those components has not been pervasive across the organization.
Enterprise Integration
Reusable integration components are developed for custom development on an ad hoc basis. Project management is centralized for application integrations.
Development Platform
The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Application customization is performed through customization support offered by the application, on an isolated project basis with no standard approaches or consideration for future maintenance or integration.
Application Lifecycle Management
Work-breakdown structures map estimated work to business value. Rudimentary metrics are used to manage project progress. Project managers aggregate data from standard status updates. Effective change management processes are in place. Testing has test harnesses and some automation, formal unit testing with good code coverage, and defined test strategy and processes. Explicit use of code quality tools typically occurs at the end of the development cycle. An explicit version control and software configuration management strategy exists. Builds are automated. Some branching and merging occurs. Continuous integration or nightly builds are supported for most applications. Labs for testing and development have environment specifications that are defined and tested with environment build procedures and application build deployment procedures. Processes are defined for debugging production defects and incidents, with a standard set of defect artifacts.
Phase 1: APO
Basic Standardized Rationalized Dynamic
B S R D
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
Software and configuration library is maintained at current update levels with version control and auditing on demand. Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Software update management and auditing are policy-driven and monitored, including automated vulnerability detection. Isolation and remediation of vulnerable and non-compliant systems are automated. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); workloads can be relocated manually. Chargeback is consumption based. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Majority of production server resources are virtualized. Resource pooling implementation supports compliance and cost management strategies, such as Auditing and Reporting, Policy Management, Metered Usage, Multi-Tenancy and Process Automation. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. Policy enforcement occurs in near real time based on company and industry-standard policies that allow for immediate quarantine of non-compliant systems, and consistent compliance reporting and standards exist across all IT services. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.
Server Security
Remote access is secure, standardized, and available to end users across the organization.
Networking
Redundant Domain Name System servers exist on a separate network to provide fault tolerance and isolation, including ability to do zone transfer across boundaries. The Dynamic Host Configuration Protocol infrastructure is aware of the virtual local area network. Quality of service is in place for prioritizing applications and services with intelligent allocation of bandwidth. Network capacity is virtualized and available via pools that are consumed by VMs and services based on dynamic management driven by service models. Wide area network traffic health and performance is monitored and reported centrally, providing real time visibility with integration into service management tools. IPv6 with IPsec is used for secure private communication over public networks.
Storage
If a storage node fails, data access transparently fails over with no interruption in availability. Storage is managed and allocated dynamically from a highly available pool of physical space based on capacity required, and within limits set by policy quotas. Critical data is backed up by taking snapshots using a centralized, application-aware system.
Device Deployment and Management
Device Mgt & Virtualization
The majority of the installed client base has a combination of current and recently released operating systems. Applications are distributed on demand for the majority of traditional desktop environments and productivity applications. A solution is in place to automatically identify devices to deploy, configure, and update while maintaining device security. Mobile devices are managed by enforceable application and hardware policies (such as device encryption and hardware access).
Device Security
Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.
Identity & Security Services
Identity & Access
Provisioning and de-provisioning of user and super-user accounts, certificates, and/or multi-factor authentication is automated. Federation exists for selected applications. For consumer facing applications, federating with public providers (such as Facebook). Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable.
Information Protection & Control
Persistent information protection helps to enforce policy on sensitive data across boundaries, including data on mobile devices. Reporting for server, back-office, and end-user waypoints; analysis capabilities exist to provide investigation of critical incidents.
IT Process & Compliance
The IT service portfolio is aligned with the organization; management regularly reviews how the service portfolio and strategy align, and reports costs and returns across IT services. IT policies are integrated across all IT services, enabling or restricting use of resources as appropriate. Definitions of reliability for IT services are integrated across IT services and enforceable. IT service issues and design changes are tracked by using formal processes; testing is automated where possible. IT service release processes are uniform across IT services; deployment is automated and offers self service where possible; management reviews each service for readiness to release before deployment. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. A self service catalog is defined with SLAs/SLOs and consumed via a self service portal supported by some automated fulfillment. Comprehensive service life cycle orchestration that is automated for some workloads.
Phase 2: Core IO
Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Collaboration
Workspaces
Workspaces are managed at the departmental level and are available from individual productivity applications.
Portals
Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services.
Social Computing
Project Mgt
Information access
Interactive experience and navigation
Messaging
Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory.
Unified Communications
IM/Presence
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring
Multi-Device Support
Interoperability
User Accessibility
Phase 2: BPIO
Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
BI and Analytics Platform
Business Intelligence
Dashboards are consistently used to provide operational and strategic views of the business from real time or periodically refreshed data. BI portal experience has rich visualizations, dashboards and scorecards with full data interactivity (slicing, filtering, etc.) consistent with self service reporting and analysis tools. Users have the ability to create unique personal and/or shared views of data that are actually combinations of multiple views (i.e. mashups).
Data Warehouse Management
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Data governance with documented, standardized policies and processes are established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas. Metadata and taxonomies are defined, implemented, and formally managed in one or more repositories with more reliance upon policy-based management to ensure proper configuration and adherence to policies. Business has begun to consolidate data, management plans, and policies for consistency across information stores.
Application Infrastructure
A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. Standard service-based application architectures are being rationalized and implemented with appropriate governance. Applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. Applications use web services to communicate across application boundaries. Processes and infrastructure for managing service endpoints, service discovery, and routing of application messages is in place. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems. Components and services are explicitly tagged for reuse. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks. Applications' deployment standards are consistently followed. A consistent platform for running and managing applications is implemented, and applications are designed with consistent approaches to health monitoring. Operations proactively monitors applications and back-end services using a shared thresholds/alerting infrastructure, and a centralized management tool and/or self-service interface is used to manage applications, services, and physical and virtual assets. Application and service monitoring data may be rendered on process performance dashboards.
Custom Development
Internet Applications
User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation). Pages are dynamic and database-driven, and may use some templates for replication of content across them. Custom coding is needed to work on different browsers.
Component and Service Composition
Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Along with IT, business units are becoming suppliers of reusable assets and realize that they can empower their users by connecting services and experience, building upon the assets that the central IT team provides and by creating their own. Creation of LOB extension applications can be accomplished without a lot of custom code and through the assembly of existing components. There is a designated tool for the creation of composite LOB extension in addition to the integration with advanced developer tools. However, other tools continue to exist for different functional purposes like workflow, UI creation, etc. Business productivity and collaboration applications, features, and infrastructure can be easily leveraged as components to integrate powerful and familiar capabilities into the context of a composite application interface. The organization overall realizes that services and UI needs to blend, start rationalizing which UI standard they will be driving to, and move to a point where every service has a “face” that is consumable for composing new applications. End users can share their created solutions back to the repository. Mechanisms exist to allow for ranking and rating of solutions and components. 
A managed central repository of all configuration items, assets, and systems provides dependency maps, reporting, and metrics for development and operations teams across the organization to manage integrations, performance, and scale.
Enterprise Integration
Use of standardized processes for data integration is at the project level and technologies are used to improve back-end integration. The business leverages an integration broker running on-premises to connect to cloud applications using adapters. Application integrations leverage standard application messaging protocols and infrastructure to connect various applications running on-premises and in the cloud, connecting mission-critical data and transactions across enterprise applications. Centralized data integration strategies and tools are used across the enterprise.
Development Platform
Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.
Application Lifecycle Management
Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. Issue tracking is well integrated with change management. Test-driven development is accepted. Applications are designed for testability, with architectural and layer verification and validation. Agile testing is integrated tightly with agile development. Users and stakeholders are engaged on an ad hoc basis. Unit testing, static analysis, and profiling are used regularly. A repeatable release process is in place with integrated configuration management, work item tracking, and automated builds with BVTs. A defined code promotion strategy that minimizes disruptions is followed and a gated check-in protects key code lines. Virtualized test labs are used regularly. Development and test environments are virtualized, and standard virtualized images of development and test environments exist. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.
Phase 2: APO
Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
Automated build, deployment and provisioning processes with orchestration to configure new instances of services based on a template that can be composed of multiple virtual images; real time reporting. Resource provisioning and deprovisioning occurs dynamically and is elastic. Workloads are relocated dynamically. The organization uses virtualization to manage resource allocation dynamically for running workloads and services including moving workloads from server to server based on resource needs or business rules. Service performance monitoring with automated remediation and centralized view across all SLAs; consolidated view across all management tools. Real-time policy enforcement and reporting are based on company and industry-standard policies with automated non-compliance resolution for all IT services. Services are available during complete site outage (via geo-clustering and automated management).
Server Security
Network security is automated and proactive, with centralized alerting and reporting to meet network protection service-level agreements. Secure remote access is integrated with quarantine for compliance with corporate policy.
Networking
Redundant Domain Name System servers exist on a separate network to provide fault tolerance and isolation, including ability to do zone transfer across boundaries. The Dynamic Host Configuration Protocol infrastructure is aware of the virtual local area network. Quality of service is in place for prioritizing applications and services with intelligent allocation of bandwidth. Network capacity is virtualized and available via pools that are consumed by VMs and services based on dynamic management driven by service models. Wide area network traffic health and performance is monitored and reported centrally, providing real time visibility with integration into service management tools. IPv6 with IPsec is used for secure private communication over public networks.
Storage
Critical data can be replicated with failover between geographical or virtual locations or services to provide business continuity in the event of a site failure. Critical data across the enterprise is protected continuously by replicating it at a separate location or by using a cloud-based service; data backups can be recovered by using a self-service recovery process. Data archiving is managed based on storage location by using automated compliance and retention policies such as rights management, read-only storage, and file expiration; Archiving capacity is elastic across boundaries with automatic capacity expansion within limits set by business policy.
Device Deployment and Management
Device Mgt & Virtualization
There is an automated solution for federated management of all devices. Mobile devices are managed and integrated with core infrastructure services for policy configuration and enforcement including multi-factor authentication.
Device Security
Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.
Identity & Security Services
Identity & Access
Centralized IT offering of Federation services. Multiple Federation and trust relations between separate organizations 1 to 1 relationship.
Information Protection & Control
Persistent information protection is automatically identified and encrypted according to policy across environment and devices.
IT Process & Compliance
Definitions of reliability for IT services have formal, predictive models. Reporting on service-level and operational-level agreements occurs in real time across the organization; IT services are provisioned dynamically to provide the required levels of reliability and scalability; all tasks that can be automated are automated. Monitoring, reporting, and auditing are automated with event correlation, notification of incidents that matter, and remediation for protection against malware, protection of information, and identity and access technologies. Risks and vulnerabilities are analyzed across all IT services against developed models; compliance objectives and activities are automated, and then updated automatically based on changes to IT policies.
Phase 3: Core IO
Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Collaboration
Workspaces
Workspaces are managed at the departmental level and are available from individual productivity applications.
Portals
Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services.
Social Computing
Project Mgt
Information access
Interactive experience and navigation
Messaging
Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory.
Unified Communications
IM/Presence
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring
Multi-Device Support
Interoperability
User Accessibility
Phase 3: BPIO
Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
BI and Analytics Platform
Business Intelligence
Data Analysts use powerful data management workbench with integrated access to tools for data preparation, cleansing, multi-variate analysis, and a sophisticated set of data mining algorithms with extensibility and tuning options. Data Analysts can easily publish their findings and data sets for access by business users.
Data Warehouse Management
EDW is refreshed on a near real-time basis so that information is readily available to mission-critical applications, analytics, and reporting systems. A high degree of concurrency exists, with many users running complex queries and interacting with complex analytics tools simultaneously with data loading. Management and maintenance of storage, hardware, and supporting software is manual and ad hoc.
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Data governance with documented, standardized policies and processes are established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas. Metadata and taxonomies are defined, implemented, and formally managed in one or more repositories with more reliance upon policy-based management to ensure proper configuration and adherence to policies. Business has begun to consolidate data, management plans, and policies for consistency across information stores.
Application Infrastructure
Use of standard application services supported by the operating application infrastructure environment is maximized. Engineering of infrastructure, shared application services, and application frameworks is performed jointly by development and operations teams, resulting in complete symmetry between development and operating environments. Many application characteristics can be modified by changing application configuration instead of code. Deployment of applications is simplified, consistent, and supported by automation. On-demand capabilities exist to add/change/remove application components without risk of downtime. Application blueprints do not have physical dependencies. Application and cross-application end-to-end process health management is proactive, with sophisticated SLAs and alerting structures in place.
Custom Development
Internet Applications
User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation). Pages are dynamic and database-driven, and may use some templates for replication of content across them. Custom coding is needed to work on different browsers.
Component and Service Composition
User solutions can be promoted to IT-managed services. Policies and support exist to manage the data from these solutions in a safe and secure manner. Central IT can easily discover, monitor, and analyze business unit solutions for compliance. IT can easily leverage the dependency web to analyze relationships with business and technical assets to minimize service disruptions. IT measures usage and dependencies, and can invest in innovations based on usage. User experiences for composed applications are delivered through multiple channels (web, desktop, and mobile) systematically.
Enterprise Integration
Applications leverage an application communication infrastructure deployed in operations that is actively managed and has dynamic routing capabilities.
Development Platform
Use of standard application services supported by the operating application infrastructure environment is maximized. Architectural layering is enforced as part of code delivery and build automation. Engineering of infrastructure and central application services is performed jointly by development and operations teams, resulting in complete symmetry between development and operating environments. Development work management tools are integrated with operations incident management systems.
Application Lifecycle Management
Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. Issue tracking is well integrated with change management. Test-driven development is accepted. Applications are designed for testability, with architectural and layer verification and validation. Agile testing is integrated tightly with agile development. Users and stakeholders are engaged on an ad hoc basis. Unit testing, static analysis, and profiling are used regularly. A repeatable release process is in place with integrated configuration management, work item tracking, and automated builds with BVTs. A defined code promotion strategy that minimizes disruptions is followed and a gated check-in protects key code lines. Virtualized test labs are used regularly. Development and test environments are virtualized, and standard virtualized images of development and test environments exist. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.
Phase 3: APO
Basic, Standardized, Rationalized, Dynamic
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
IT Benefits of the Integrated Enterprise Platform Approach
Dynamic IT infrastructure that has scalable workloads
Cost-effective and time-efficient data recovery
Integrated custom and legacy applications
Effective management of multiple identities across organizations
Security management across the organization that includes flexible, diverse user scenarios
Compliance of IT operations and asset management with requirements
Benefits of Optimizing IT Capabilities
Optimized IT…
Is a key driver of business productivity and growth
Fuels profitable revenue growth
Gives managers more insight and control
Encourages employee productivity
Companies in the top 25% of IT capability…
Grow revenue 6.8% faster per year than their peers in the bottom 25% of IT capability.
Enjoy 23% higher revenue per employee than their peers in the bottom 25% of IT capability.
Achieve superior productivity (a company’s IT infrastructure is a key determinant).
Have significantly better insight into, and control over, key dimensions of their business.
Source: Enterprise IT Capabilities and Business Performance, Marco Iansiti, David Sarnoff Professor of Business Administration, Harvard Business School; George Favaloro, Principal, Keystone Strategy, Inc., March 2006, http://www.microsoft.com/business/enterprise/itdrivesgrowth.mspx
Engagement Approach
Audience
Solution road map
Solution areas Industry Horizontal
Business strategy
Integrated Capability Analysis => Projects, architecture, products
1. Present relevant integrated capabilities
2. Position the Integrated Enterprise Platform approach
Business executives
1. Understand business needs and priorities
2. Discuss range of potential solution capabilities
IT executives
Architects
IT pro/dev executives
Integrated Capability Analysis
Ensure target business capabilities cover process improvement priorities
Translate business capabilities into required infrastructure capabilities
Assess current infrastructure maturity
Determine gaps to target integrated capabilities
Build a road map for integrating capabilities and implementing solutions
Specify required platform architecture, technologies, and services
Baseline the Microsoft platform road map
Next Steps
Integrated capability analysis
Explore the Integrated Enterprise Platform
Create a high-level implementation road map
Identify resources in your organization
Business analysts
Solution architects
Platform architects
Infrastructure architects
IT infrastructure managers
IT operations managers
Review the technology road map
Translate into a solution capability road map to review with the business
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.