Presenter: Microsoft sales representatives. Audience: technical decision makers (TDMs) who are...
TRANSCRIPT
Optimized Data Center
Capability Discussion Presentation
Engagement Approach
Audience
Solution road map
Solution areas Industry Horizontal
Business strategy
Integrated Capability Analysis => Projects, architecture, products
1. Present relevant integrated capabilities
2. Position the Integrated Enterprise Platform approach
Business executives
1. Understand business needs and priorities
2. Discuss range of potential solution capabilities
IT executives
Architects
IT pro/dev executives
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
Business Driver
Phase 1 Phase 2 Phase 3
ENSURE A SCALABLE, RELIABLE PLATFORM AND EXTEND THE DATA CENTER TO THE CLOUD
Allow for increased business agility by enabling a dynamic IT infrastructure to improve performance and scalability for applications and services in the data center via quick and easy configuration of servers, including the ability to scale environments up and out
Ensure a stable and controlled environment for business-critical applications to meet service levels and reduce cost and complexity of the IT infrastructure at branch offices via virtualization to consolidate multiple, underused physical servers; ensure continual availability; and recover quickly from disasters—while reducing IT hardware and operating costs for servers
Increase business agility by providing on-demand access to critical business information from nearly any device and from virtually anywhere, through a combination of cloud and on-premises resources via the ability to extend the data center to the cloud to enable federated services across the cloud, and by providing the ability to scale capacity and resources up or down to respond to business demands
ENABLE END-TO-END SERVICE MANAGEMENT
Centrally monitor the operations of essential data center services for availability and performance via easy-to-use administrative tools to quickly and easily manage and monitor configuration controls across server workloads. Make server, networking, and storage more efficient to provide maximum scalability and cost effectiveness via network load balancing to increase performance by sharing workloads across multiple servers. Provide visibility into hardware and software assets and the identity and location of people who use them via an up-to-date inventory of all hardware and software assets.
Realize high data availability, performance, and protection in the data center to improve service delivery via fault tolerance and different storage capacities, performance, and management options that include high-performance storage, storage area network (SAN) backups, and maximum flexibility in allocating and sharing storage. Centrally monitor and manage the operation of critical server infrastructure, end-user systems, and services to adhere to service-level agreements (SLAs) via remote management of servers through the command-line, automated scripts, and remote management services. Provide the ability to repurpose a standardized set of services, software, and hardware in response to new workload requirements via standardized, managed images for deployment, application delivery, updates, patches, and security fixes in a single distribution. Support changing workload requirements and deploy application and security updates for third-party and custom line-of-business (LOB) applications via catalogs of standard and custom services, software, and hardware.
Deliver integration, efficiency, and business alignment of the data center IT services by enabling informed and cost-effective decision-making from incident, problem, change, or asset records via integrating information from disparate IT management systems and delivering out-of-the-box reporting and flexible data analysis. Provide the ability to manage cross-platform systems via extensibility and interoperability with third-party applications, services, and devices. Provide intelligent reporting and monitoring to enable proactive preventative maintenance and achieve maximum use of IT resources via remote diagnosis and remediation of problems to respond immediately to issues that may affect the organization's IT environment. Use tools and automation to help optimize infrastructure to meet demand according to SLAs via end-to-end service management, including SLA dashboards and reporting.
Support for Priority Business Capabilities
Note to presenter: This is a template. Prune, add, and prioritize per BDM and TDM feedback. Ensure consistency with the “Business Priorities Guide” and the “Capability Discussion Guide”.
ENABLE END-TO-END SERVICE MANAGEMENT (continued)
Back up server data that supports critical services in accordance with standard IT practices and help ensure recovery from damaged or lost data, hardware failure, and disaster via identifying critical services based on value of data, cost of outage, and other business-driven metrics and via optimized techniques to help ensure successful backup of all critical servers according to outlined recovery goals
Provide ongoing protection of data in the data center and ensure rapid data recovery to a near-current point in time that is acceptable to IT service owners via specifying multiple backup and recovery points that don't require recovery of the whole server. Provide support to accommodate planned downtime and reduce unplanned downtime without affecting availability via failover clustering, streamlined maintenance, and disaster recovery options to eliminate single points of failure.
Ensure continual backup and archiving of data to enable recovery of any service to nearly any point in time, and enable rapid restoration of the data center environment via continuous or near-continuous data backup and archiving based on workload; including multiple recovery points for fast rollback, recovery of essential services, and one-touch application restoration. Enable geographical diversification by providing high availability, disaster recovery options, and increased service uptime via business continuity solutions based on virtualization to deliver better business continuity at branch offices while optimizing the number of required physical servers.
UNIFY PHYSICAL AND VIRTUAL ENVIRONMENTS ACROSS CUSTOMER PREMISES AND THE CLOUD
Centrally manage distributed servers across physical and virtual environments with relative ease via a physical and virtual infrastructure managed centrally from one console to optimize software and hardware usage
Reduce the complexities of deploying and running virtual environments via fast and reliable physical-to-virtual-machine and virtual-to-virtual-machine conversions and via reducing planned downtime associated with routine system maintenance. Maximize resource utilization across physical and virtual server environments to balance loads via analyzing performance data and resource requirements and via centralized resource optimization to move virtual machines without downtime. Enable dynamic and responsive management of offline virtual machines while minimizing administrative costs via regularly updating virtual machines that are offline.
Deploy a systematic and secure solution in the cloud that integrates with on-premises assets and provides a consistent experience managing application workloads over multiple virtual and physical environments via a flexible and familiar cloud computing infrastructure on a consistent platform that is based on Microsoft Windows
PROVIDE MORE SECURE REMOTE ACCESS
Secure the IT infrastructure from attacks while preserving access to corporate resources across the enterprise, including endpoints, server applications, and network via an environment that is secured through policy validation, network restriction, and ongoing monitoring of network health and via defense in depth across multiple layers. Help enable secure remote access to information from nearly anywhere, wherever the business requires it via a secure and well-managed messaging and collaboration infrastructure. Manage credentials to allow only legitimate users access to devices, applications, and data via strong authentication and aggregation of identities across the enterprise into a single view. Provide IT administrators with an integrated view of the configuration status of servers and with detailed, location-specific views of potential issues to mitigate compliance risks via easy-to-use administrative tools to quickly and easily manage and monitor configuration controls across server workloads and gain visibility into the state of the infrastructure.
Provide secure remote access to information while enabling IT administrators to centrally manage network access and to control and monitor health policies via enabling policy-based access and standardized security, management, and configuration controls; and by centralized audits of system security for collecting, storing, and analyzing security event data. Easily and automatically provision and deprovision users' rights to access services in accordance with defined policies via managing the entire life cycle of user identities and their associated credentials, identity synchronization, certificates, and passwords. Provide fast and reliable authentication services in branch offices that cannot ensure physical security via deploying a read-only domain controller for improved security, faster logon times, and more efficient access to resources on the network. Help improve security and compliance and centrally monitor and track changes to system configuration to identify and audit security breaches and compliance failures via identity tracking and enforcement and a centralized database of audit logs that includes flexible custom views and configurable event logs to manage system configuration baselines. Enforce security measures and monitor key security events for all servers and networking components in the data center via reports and dashboards to help administrators investigate the causes of non-compliance so they can take measures to establish appropriate policies, procedures, and controls.
Secure and manage users' internal and external access across systems, from virtually any location and any device via enforced security policies that provide robust protection and can flexibly support the connectivity needs of an increasing number of internal and external users, devices, system configurations, and network connection types. Enable organizations to share digital identities with trusted partners, customers, and vendors to provide seamless access to applications via federated identity and access management to enable the sharing of identity information more securely across organizational boundaries. Implement strong, multi-factor, trusted authentication of users' credentials and enforce them by policy via digital certificates and smart cards. Provide the ability to secure on-premises and off-premises applications that extend beyond organizational boundaries via federated identity and access control through rules-based authorization and flexible, standards-based service that supports multiple credentials and reliant parties. Ensure automatic identification of security and compliance threats and automated mitigation of all deviations from security policy via detailed configuration auditing and reporting, security metrics, and event analysis that correlates with real time.
IT Business
Today Future
Dynamic business agility and low TCO
Optimizing Finance Operations
Multiple Enterprise Solutions
Point solutions
Siloed, disconnected technology investments
High TCO | Low agility
Sales Effectiveness
Improving Customer Service
Integrated capabilities
Why the Integrated Enterprise Platform Approach?
Supporting Microsoft Technologies
Client Capabilities Infrastructure Optimization Models
Infrastructure Capability Integration
Business Solutions
Solution Areas
Application Platform Optimization
Infrastructure Optimization
Infrastructure Optimization Models
IT Process & Compliance
Business Productivity Infrastructure Optimization Model: Collaboration, Unified Communications, Enterprise Content Management, Enterprise Search, Reporting and Analysis, Content Creation
Core Infrastructure Optimization Model: Data Center Services, Client Services, Identity & Security Services
Maturity levels shown for each model: Dynamic, Rationalized, Standardized, Basic
Relationships Between Integrated Capabilities
Integrated Enterprise Platform
Business Productivity Infrastructure
Core Infrastructure
Infrastructure Dependencies
Infrastructure Optimization Models
Each capability has four levels of maturity:
Basic, Standardized, Rationalized, Dynamic
What are these used for?
Profiling integrated capabilities, leading to model common capabilities
Understanding dependencies
Planning advancement in services provided to lead to enterprise-class capabilities
Optimization Model Capability Maturity Levels
Business Productivity Infrastructure
Core Infrastructure
Infrastructure Dependencies
Multiple Solutions, One Platform
Use integrated capabilities for all of your business needs
Ensure a scalable, reliable platform and extend the data center to the cloud
Enable end-to-end service management
Unify physical and virtual environments across customer premises and the cloud
Provide more secure remote access
Business Productivity Infrastructure
Core Infrastructure
Infrastructure Dependencies
Operations
Human Resources
Sales
Finance
Business Benefits IT Benefits
Familiarity: High user familiarity; Faster adoption rate; Lower time to value
Agility: Fast, efficient deployment; Greater integration
Robustness: Consistent features; Data integration; Process integration
Scalable: Performance and reliability; Security; Support skills and processes
Lower TCO: Common support skills and processes; Lower integration costs; Low cost software
Sustainable: Continuity and long-term viability
Value of Integrated Capabilities from Microsoft
IT Challenge: Align with Business Goals
IT Strategy and Business Alignment
Operations Management
Innovation Enablement
Business Strategy and Goals
Cost center More efficient cost center
Business enabler Strategic asset
Time
Value
Optimizing the Integrated Enterprise Platform
Sophistication of the Solution
Phase 1
Provides basic support for the most critical elements of the business driver
Phase 2
Provides adequate, typical support for critical and priority elements of the business driver
Phase 3
Provides thorough, streamlined support for the business driver that enables differentiated levels of performance
ENSURE A SCALABLE, RELIABLE PLATFORM AND EXTEND THE DATA CENTER TO THE CLOUD
PROVIDE MORE SECURE REMOTE ACCESS
ENABLE END-TO-END SERVICE MANAGEMENT
UNIFY PHYSICAL AND VIRTUAL ENVIRONMENTS ACROSS CUSTOMER PREMISES AND THE CLOUD
Phase 1
Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Core IO
Data Center Services
Data Center Mgt & Virtualization
A defined set of core standard images exists. There is a defined, end-to-end server deployment process that includes application compatibility testing. Deployment and management of software updates are centralized for the majority of servers. Software asset management processes are automatic and a tool and data repository for hardware and software are in place to track and audit server assets. Monitoring of current resource needs occurs in real time and utilization is compared to existing capacity. Use-analysis tools are used to predict the impact of change (software, hardware, usage, and topology). IT system (hardware, hypervisor, OS, and application)-aware monitoring and reporting on the majority of applications are in place across the heterogeneous environment, with defined service-level agreements and manual remediation functionality. Servers and IT systems are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. Services are available during server failure (via server clustering or hot spares). The organization has a consolidated view of and a consolidated management process for heterogeneous virtual environments, including branch offices.
Server Security
Malware protection is centrally managed across server operating systems, including host firewall, host IPS/vulnerability shielding, and quarantine. Protection for all collaboration applications (such as e-mail, document sharing, and instant messaging) is centrally managed. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation. Remote access is secure, standardized, and available to end users across the organization.
Networking
Zone creation and record updates are automatic to support directory services. Redundant Domain Name System servers exist in a single location and provide fault tolerance. A Dynamic Host Configuration Protocol server dynamically registers the client host name IP address; the Domain Name System presents a unified view to the namespace. Dynamic Host Configuration Protocol servers are aware of sub-networks. The deployment model for files and intranet traffic uses distributed caching. Branch traffic health and performance are monitored and reported manually.
Storage
Storage is managed on individual servers or disk arrays. No data is lost if a single disk or system component fails, but data availability may be interrupted. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite.
Client Services
Client Mgt & Virtualization
An image library and deployment process are in place for operating systems. Desktop applications and system events are centrally monitored for critical desktop systems. Hardware and software inventory is automated and reporting is centralized. Information may not be complete or accurate, and typically is not used for decision-making. Inventory is reconciled annually.
Client Security
Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall. Non-PC devices are managed and protected through a separate process.
Identity & Security Services
Identity & Access
Provisioning and de-provisioning of user and super-user accounts, certificates, and smart cards is automated; access control is role-based. Password resets and group management are limited, through custom in-house tools or manual processes. Password policies are set within the directory service to enable life-cycle management. There is a centralized access policy for business resources, with some standardization in the policy. A centralized, scalable directory works across geographies for all intranet applications, and supports authentication and authorization.
Information Protection & Control
Persistent information protection exists within the trusted network to enforce policy across key sensitive data (such as documents and e-mail).
IT Process & Compliance
Individual business units align with the IT service portfolio. IT service costs, returns, capacity, availability, continuity, and integrity are reported. IT policies are documented for each IT service. Each IT service has a formal definition of reliability. Each IT service provides service-level or operational-level agreements. Processes to manage incidents and problems are in place for each IT service. Monitoring, reporting, and auditing are in place for IT services. Monitoring and reporting are centralized for protection against malware, protection of information, and identity and access technologies. Incident and problem management processes are in place for each IT service. Each IT service has its own change and configuration management process; standard changes are identified for each IT service. Risk and vulnerability are formally analyzed for each IT service. IT compliance objectives and activities are defined for each IT service.
BPIO
Collab
Workspaces
Workspaces are managed at the departmental level and are available from individual productivity applications.
Portals
Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure. Governance policies are fully in place, including single sign-on supported by uniform directory services.
Social Computing
Project Mgt
UC
Messaging
Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall.
IM/Presence
Conferencing
Voice
ECM
Information Mgt
Process Efficiency
Compliance
Enterprise Search
Information Access
Interactive Experience & Navigation
Reporting & Analysis
Dashboards
Users create and manage basic team or corporate scorecards that may not use cascading metrics or take a balanced scorecard approach. Users create and share information securely through dashboards that require manual updates. Diagrams are linked to data and shared as static Web pages or in PDF.
Analytics & Data Mining
Report Generation & Distribution
Content Creation
Authoring
Multi-Device Support
User Accessibility
Interoperability
Database Dependencies
Design & Management: Formal data management and administration tasks are in place for installation, configuration, management, and maintenance of databases, user accounts, database availability, recovery, and reporting.
Integration Dependencies
Development Dependencies
Phase 2
Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Core IO
Data Center Services
Data Center Mgt & Virtualization
Images are maintained at current update levels. There is an automated, end-to-end server deployment process with task sequencing. Software update management and auditing are policy-driven and monitored, including automated vulnerability detection. The IT software asset life cycle is managed using vision, policies, procedures, and tools. Asset and business target management are based on reliable information. IT system (hardware, hypervisor, OS, and application)-aware monitoring and reporting are in place with basic remediation. There are consolidated views of all management tools and consistent reporting across heterogeneous systems. Policy enforcement occurs in near real time based on company and industry-standard policies that allow for immediate quarantine of non-compliant systems, and consistent compliance reporting and standards exist across all data center services. There are multiple levels of service availability clustering or load balancing. The organization uses virtualization to manage resource allocation dynamically for workloads, including moving workloads from server to server based on resource needs or business rules.
Server Security
Secure remote access is integrated with quarantine for compliance with corporate policy.
Networking
Automatic server cleanup uses scavenging. A Dynamic Host Configuration Protocol server is deployed and configured for IPv6 settings with options related to network connectivity (such as subnet mask and gateway). The Dynamic Host Configuration Protocol infrastructure is aware of the virtual local area network. The deployment model and configuration of the hosted cache are centralized and based on policy (main workloads include application streaming, software deployment, patches, and updates). Branch traffic health and performance are monitored and reported centrally, supported by management tools.
Storage
Storage is managed on server clusters or shared storage arrays. Transparent failover occurs if a storage node fails, with no interruption in availability. Sensitive information is stored in disconnected systems or is manually placed in password-protected locations to prevent unauthorized access. Critical data is backed up by taking snapshots using a centralized, application-aware system. Backup copies are stored separately at a physical location or by using a cloud-based service, with fully tested recovery or failover based on service-level agreements.
Client Services
Client Mgt & Virtualization
Client Security
Identity & Security Services
Identity & Access
Self-service password resets, group management, and related capabilities are supported by workflows. Federation and trust are set manually per instance for select applications or systems across boundaries. Multi-factor and certificate-based authentication is applied in high-risk scenarios, such as remote access or document signing. A centralized, common-access policy is defined for business resources, applications, and information resources; entitlement is managed. A single application directory service covers multiple standards and most applications.
Information Protection & Control
Persistent information protection helps to enforce policy on sensitive data across the enterprise, including data on mobile devices. Policy templates are used to standardize rights and control access to information.
IT Process & Compliance
The organization aligns with the IT service portfolio. Management regularly reviews how the service portfolio and strategy align, and reports costs and returns across IT services. IT policies are integrated across all IT services. Definitions of reliability for IT services are integrated across IT services. Service-level and operational-level agreements are integrated across IT services. Management reviews operational health regularly. Some tasks are automated. Processes to manage incidents are integrated across IT services. Monitoring, reporting, and auditing are integrated across IT services; some capabilities exist for event investigation, analysis, and forensics. Monitoring and reporting are integrated with individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services. The change and configuration management process is integrated across IT services. Standard changes are identified across IT services and automated where possible. Risk and vulnerability analysis is integrated across all IT services. IT compliance objectives and activities are integrated across IT services and automated where possible. Management regularly reviews policy and compliance.
BPIO
Collab
Workspaces
Portals
Social Computing
Project Mgt
UC
Messaging
IM/Presence
Conferencing
Voice
ECM
Information Mgt
Process Efficiency
Compliance
Enterprise Search
Information Access
Interactive Experience & Navigation
Reporting & Analysis
Dashboards
Analytics & Data Mining
Report Generation & Distribution
Content Creation
Authoring
Multi-Device Support
User Accessibility
Interoperability
Database Dependencies
Design & Management: Enterprise-wide standards and practices are in place for discrete areas such as physical storage and capacity planning, performance and tuning, data integrity, and security.
Integration Dependencies
Development Dependencies
Phase 3
Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)
Core IO
Data Center Services
Data Center Mgt & Virtualization
Isolation and remediation of vulnerable and non-compliant systems are automated. Software mapping spans physical, virtual, and heterogeneous environments and is application-aware with real-time enforcement of compliance for applications that have license-based use. All business units follow the same strategy, process, and technology for software asset management. Server provisioning and de-provisioning occur dynamically, on demand, and in real time. IT system (hardware, hypervisor, OS, and application)-aware monitoring and reporting with full remediation and automated disaster recovery are in place. Reporting is comprehensive, in real time, and is unified and consistent across all data centers. Real-time policy enforcement and reporting are based on company and industry-standard policies with automated non-compliance resolution for all data center services. Services are available during complete site outage (via geo-clustering and automated load management).
Server Security
Malware protection is centrally managed and comprehensive for server operating systems, and includes automated remediation, recovery, and auditing. Network security is automated and proactive, with centralized alerting and reporting to meet network protection service-level agreements. Network security, alerts, and compliance are integrated with all other company tools to provide a complete and company-wide scorecard view and threat assessment. Secure, remote access is nearly always available with bidirectional connectivity. Access to networks and applications is policy-based. Alerts are proactive and security issues are remediated.
Networking
User auditing and reporting is based on zones.
Storage
Storage is managed in highly available storage pools. Critical data can be replicated between geographical or virtual locations or services to help ensure business continuity in the event of a site failure. Automatic processes enable identification of sensitive information based on business policy and storage of that information in appropriate locations. Critical data across the enterprise is protected continuously by replicating it at a separate location or by using a cloud-based service; data backups can be recovered by using a self-service recovery process.
Client Services
Client Mgt & Virtualization
The operating system image deployment process is automated, zero-touch, and layered for desktop systems (physical or virtual). Desktop applications and system events are centrally monitored and reported, and trends are analyzed and integrated into incident management systems. Software installed in physical and virtual environments is identified and categorized automatically. There is a single location to track license and contract details and to manage the software allocation. Inventory is reconciled quarterly.
Client Security
Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices. Desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.
Identity & Security Services
Identity & Access
Provisioning and de-provisioning of all resources, certificates, and smart cards is automated for all users; roles and entitlement are managed and access control is policy-driven. The federation and trust management infrastructure is standardized for applications and systems that cross boundaries. Multi-factor and certificate-based authentication are corporate-wide across all applications and users. End-users can have multiple identities to enable seamless, dynamic role changes (for example, consumer to information worker) based on contextual access enforced by corporate policy. A single application directory service covers multiple standards and all applications in the corporate directory. A centralized directory supports all intranet, extranet, and Internet scenarios, and automatically synchronizes with all remaining directories.
Information Protection & Control
IT Process & Compliance
All IT services are described in the service portfolio; services align with business strategy. IT service costs and returns can be modeled and predicted. IT policies initiate automated remediation. Definitions of reliability for IT services are modeled. Reporting on service-level and operational-level agreements occurs in real time across the organization. IT services are provisioned dynamically to provide the required levels of reliability and scalability. All tasks that can be automated are automated. Standard changes to IT services are managed by self-service provisioning where appropriate. Monitoring, reporting, and auditing are automated across IT services—including dynamic correlation to identify patterns, respond proactively to issues, and coordinate across teams. Monitoring, reporting, and auditing are automated with event correlation and remediation for protection against malware, protection of information, and identity and access technologies. IT services are analyzed automatically for potential problems; preventative actions are automated. All standard changes across IT services are automated and provisioned by self-service processes where appropriate. Risks and vulnerabilities are analyzed across all IT services against developed models. Compliance objectives and activities are automated, and then updated automatically based on changes to IT policies.
BPIO
Collab
Workspaces, Portals, Social Computing, Project Mgt
UC
Messaging, IM/Presence, Conferencing, Voice
ECM
Information Mgt, Process Efficiency, Compliance
Enterprise Search
Information Access, Interactive Experience & Navigation
Reporting & Analysis
Dashboards, Analytics & Data Mining, Report Generation & Distribution
Content Creation
Authoring, Multi-Device Support, User Accessibility, Interoperability
Database Dependencies
High Availability: The ability to handle highly tuned workloads by using quantified service-level agreements and real-time query performance enables achievement and maintenance of high levels of data availability and business continuity, with advanced restoration capabilities across the enterprise.
Integration Dependencies
Development Dependencies
IT Benefits of the Integrated Enterprise Platform Approach
A dynamic IT infrastructure that includes scalable workloads
More effective management of multiple identities across organizations
Compliance of IT operations and asset management with requirements
More timely, cost-effective, and informed decisions regarding management of IT infrastructure and services
Higher availability and more reliable data backup and recovery of services to point in time
Improved disaster recovery options to accommodate planned and unplanned downtime
Reduced operational costs and downtime caused by configuration problems and human error
Benefits of Optimizing IT Capabilities
Optimized IT…
Is a key driver of business productivity and growth
Fuels profitable revenue growth
Gives managers more insight and control
Encourages employee productivity
Companies in the top 25% of IT capability…
Grow revenue 6.8% faster per year than their peers in the bottom 25% of IT capability.
Enjoy 23% higher revenue per employee than their peers in the bottom 25% of IT capability.
Achieve superior productivity (a company’s IT infrastructure is a key determinant).
Have significantly better insight into, and control over, key dimensions of their business.
Source: Enterprise IT Capabilities and Business Performance, Marco Iansiti, David Sarnoff Professor of Business Administration, Harvard Business School; George Favaloro, Principal, Keystone Strategy, Inc., March 2006, http://www.microsoft.com/business/enterprise/itdrivesgrowth.mspx
Integrated Capability Analysis
Ensure target business capabilities cover process improvement priorities
Translate business capabilities into required infrastructure capabilities
Assess current infrastructure maturity
Determine gaps to target integrated capabilities
Build a road map for integrating capabilities and implementing solutions
Specify required platform architecture, technologies, and services
Baseline the Microsoft platform road map
Next Steps
Integrated capability analysis
Explore the Integrated Enterprise Platform
Create a high-level implementation road map
Identify resources in your organization
Business analysts
Solution architects
Platform architects
Infrastructure architects
IT infrastructure managers
IT operations managers
Review the technology road map
Translate into a solution capability road map to review with the business
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.