1 / 24

Operational Efficiency @ MS

Operational Efficiency @ MS. Tibor Kolejak Regional IT Site Manger Microsoft Czech Republic. Company Logo Here. IT@Microsoft. 72,000 mailboxes. 150,000+ PCs >7,000 servers. 20 (?) Microsoft Exchange Messaging Servers. Stockholm. Benelux. Dublin. Munich. TVP. Chicago. Canyon Park,

zuriel
Télécharger la présentation

Operational Efficiency @ MS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operational Efficiency@ MS Tibor Kolejak Regional IT Site Manger Microsoft Czech Republic Company Logo Here

  2. IT@Microsoft • 72,000 mailboxes • 150,000+ PCs • >7,000 servers • 20 (?) Microsoft Exchange Messaging Servers Stockholm Benelux Dublin Munich TVP Chicago Canyon Park, Redmond Les Ulis Milan Madrid Chofu & Otemachi Silicon Valley Charlotte Los Colinas Dubai • 400+ supported Microsoft sites worldwide Singapore • >400 apps • 26M voice calls per month • 50K employees • 5K contractors • 17K vendors Sao Paulo Sydney Johannesburg • 4.5M+ e-mail messages per day internally

  3. Challenges • Large, highly dynamic environment • Security • 2,500 attacks, probes, and scans daily • Over 125,000 virus-infected messages quarantined monthly • Unique IT environments for product development, testing, support, and research require special security • Technology-literate staff • 95% with local administrator right to their desktop

  4. Operational efficiency To get more with less… To increase service levels with less money… Adequate synergy of various factors required! Platforms People Management tools Processes Network solutions Platform etc.

  5. Agenda • Model Enterprise • Windows Server 2003 Deployment • Microsoft Operations Manager • SMS 2003 Deployment

  6. Local Office DC Internet Model Enterprise DSL/Local ISP/ Leased Line to local ISP AT&T/GX/Equant Leased Line AT&T/GX Leased Line ICO 1 - ICO 2 - Standard Building

  7. Beta 2Mar 2001 Beta 3Nov 2001 RC1Jul 2002 RC2Dec 2002 RTMFeb 2003 LaunchApr 2003 Int. Installations 2 296 3 590 3 663 3 718 3 765 3 790 Windows Server 2003 Deployment • Major milestone for MS • A lot of new innovative features • Internal deployment coming from the need to improve security, availability and reliability

  8. 0FutureTechnology Major Phases of Deployment • Future Technology • Integration Planning • Test and Pilot • Enterprise Deployment • Sustain and Manage 4Sustain &Manage 1Integration Planning 3EnterpriseDeployment 2Test &Pilot

  9. Business Benefits • Reliability • Scalability • Security • Lower Support Costs

  10. Microsoft Operation Manager Situation Monitoring the enterprise with many different tools makes the task expensive and inefficient Solution Consolidate and adopt Microsoft Operations Manager as key enterprise

  11. Groups @ MS IT using MOM • Business Unit IT • Messaging and Collaboration Services • Enterprise Infrastructure Services • Corporate Security

  12. Business Benefits • Lower TCO • Proactive versus reactive/ Server availability increase • Scaleable • Flexible and interoperable

  13. Patch Management Situation • Security vulnerabilities can lead to loss of revenue and intellectual property Solution • SMS 2003 is key tool in Microsoft IT patch management process

  14. Patch Management Framework 1. Assess Environment to be Patched Periodic Tasks A. Create/maintain baseline of systems B. Access patch management architecture (is it fit for purpose) C. Review Infrastructure/ configuration Ongoing Tasks A. Discover Assets B. Inventory Clients 2. Identify New Patches Tasks A. Identify new patches B. Determine patch relevance (includes threat assessment) C. Verify patch authenticity & integrity (no virus: installs on isolated system) 1. Assess 2. Identify 3. Evaluate & Plan Patch Deployment Tasks A. Complete patch acceptance testing B. Obtain approval to deploy patch C. Perform risk assessment D. Plan patch release process 4. Deploy the Patch Tasks A. Distribute and install patch B. Report on progress C. Handle exceptions D. Review deployment 3. Evaluate & Plan 4. Deploy

  15. Business Benefits • Automated security update and application deployment • Enforcement within prescribed timeframes • Minimized unplanned downtime • Central reporting and administration • Clear communication path • More accurate and efficient patch management • More updates, fewer administrators, less time • Reduction in manual effort to deploy updates • Automated tools, fewer scripts

  16. Server Patch Management Architecture 1 Central Site ServerWindows Server 2003SQL Server 2000 SP3a 10 Primary Site ServersWindows Server 2003 6,000 Windows Server 2003–Based Servers Running SMS 2003Advanced Client with Advanced Security

  17. Server Patch Management Process: Team Roles • MSRC • Releases security bulletins • Corporate Security • Assigns deployment priority • Data Center Operations • Manages data centers • Hosts SMS infrastructures • Patches servers

  18. Server Patch Management: Phases Two schedules, one deployment/enforcement process • Phase 1: Monitoring for security bulletins and updates from Microsoft • Process of deploying update to servers begins after update is released

  19. Server Patch Management Process: Phases • Phase 2: Determining the risk level • MSRC - Critical, Important, or Moderate • CSCT - Deployment scheduled - based on adjusted MSRC rating • DCOPS - Security Update Inventory Tool helps determine which servers are vulnerable • MBSA scans for missing/installed updates

  20. Server Patch Management Process: Phases • Phase 3: Testing • Deploying synthetic patch to test deployment success • Monitor success, investigate and fix failures

  21. Server Patch Management Process: Phases • Phases 4–7: Deploying the patch 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Thursday Friday 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Standard Deployment Saturday 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Sunday 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Hour 1 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Hour 2 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Hour 3 Emergency Deployment 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M. Hour 4 12 A.M.–4 A.M. 4 A.M.–8 A.M. 8 A.M.–1 P.M. 1 P.M.–4 P.M. 4 P.M.–8 P.M. 8 P.M.–12 A.M.

  22. Server Patch Management Process: Phases • Phase 8: Reporting • Determine success of deployment and degree of voluntary patching • Advertisement Status Viewer

  23. Demos

  24. Asante sana kusikiliza!tkolejak@microsoft.com

More Related