Where Do You Start

1
Where Do You Start?

• Infrastructure Optimisation

2
Workshop 2Infrastructure Optimisation Maturity
Model

• Does knowing where you are help you plan where
  you are going?
• With a focus on reducing risk and cost improving
  SLAs and security and aligning the infrastructure
  requirements to business priorities and the
  Infrastructure Optimisation Maturity (IOM) Model
  asks a lot. Microsoft has introduced the IOM
  model into customer discussions to help position
  how the various aspects of the infrastructure are
  related and to help identify what actions are
  needed to help the customer plan, deploy and
  manage the resources they have.
• In this session we will look at the questions
  being asked and review how an architects
  aspiration of developing an SOA environment is
  dependent on the infrastructure they have to work
  with and with what maturity decisions need to be
  made.

3
Does knowing where you are help you plan where
you are going?
4
Lets talk about
5
Knowing When to Invest

• Increasing Volumes
• Transactional levels and storage volumes
• Market Change
• On-line sales channel
• Step change in the business
• Mergers, acquisition, international growth
• Combination of events
• Process changes, collaboration
• Facilities management
• Power consumption, heat, storage/data centre
• Aging systems and obsolescence
• If it aint broken dont fix it (doesnt work
  anymore)
• TCO, Security, Complexity and Agility

6
Notes

• Mention the items in the hidden slide.. GOALS of
  Reducing risk, cost, TCO, time, fire-fighting.
  To improve responsiveness, reliability
  security SLA, business alignment
• Slide 3 has the 3 sets of issues that customers
  are facing with slide 4 looking at why do
  investments take place
• Slide 5 is about the mix of spending today how
  do we reduce operational costs.. To free up for
  both IT investments and business IT projects.
• Slide 6 is the cost of operating today why do
  we have down time - risk
• Slide 7 the costs of operation are human and
  too much manual leading to high staff costs but
  higher risk without automation
• Slide 8-11 are about the model from gartner
  etc. with workloads
• 12-14 show how if you took deployment our best
  practice around BDD is effective to help you move
  across the model along with patch management
  accelerator etc.
• This leads us onto slide 15 as a summary comment
  on how to take the journey and
• slide 16 .. introduce Kamal who will be looking
  at ways of gaining maturity reducing risk,
  improving compliance, reliability and saving time
  and money - in the server provisioning space.

7
Challenges for Business ITIT Costing Trends
IT Budgets
8
IT Complexity Cost
reducing TCO by building in experience
Infrastructure Costs
Complexity
Support

ManagementCosts
2003
2008
1997
2000
2006
1994
Client Server
N - Tier
9
Enterprise IT Challenges

• Growth
• Customer service
• Regulatory compliance
• Device management
• Varying skill sets
• Mobility

• PC maintenance
• Server sprawl
• Legacy platforms
• Deployment and maintenance
• Identity management
• Software updates

• Malicious attacks, viruses, spam etc.
• Evolving threats
• Patch management, VPN etc.
• Secure access (employees, partners and customers)

10
Solving the Challenge Infrastructure
Optimisation
11
Operational Insights
80 of unplanned downtime is due to People and
Process
Gartner Security Conference presentation
"Operation Zero Downtime", D. Scott, May 2002
12
Challenges for Business ITTCO
Over 60 of TCO over a 5-year period driven by
people costs
Lack of automation impacts all facets of IT
Source IDC 2002, Microsoft Primary Quantitative
Research. 400 30-minute phone surveys of IT
professionals in data centers with 25 or more
servers
13
How Do You Get There?Infrastructure Optimisation
Model
Managed and consolidated IT Infrastructure with
maximum automation
Fully automated management, dynamic resource
Usage , business linked SLAs
Managed IT Infrastructure with limited
automation
Uncoordinated, manual infrastructure
More Efficient Cost Center
Business Enabler
Strategic Asset
Cost Center
Based on the Gartner IT Maturity Model
14
Technology View of Model
15
The Infrastructure Optimisation Model
Dynamic
Rationalised
Standardised
Basic
Centralised with Automated procurement
Centralised configuration authentication
Identity mgt for user identification
No common Identity mgt model
Identity Access Management
Centralized with Automated procurement
Secure remote access Server Monitoring
Antivirus Central Firewall
No Standards
Security Network Monitoring
Centralised with Automated procurement
All Servers
Mission critical server backup/recovery
No Formal Procedures in place
Service Continuity
Automated Reference Image
Manual reference Image Automated asset management
Automated Patch Mgt. Standard Images
No desktop Standards, many images
Desktop Engineering
Secure email Across devices Predictive monitoring
Secure email access across channels
Unified directory for messaging, Spam control,
server health monitoring
Multiple messaging standards
Secure Messaging
16
Infrastructure Optimization
Process Culture Optimisation Microsoft Operations
Framework/ITIL in IOM

• Proactive
• OptimizingCosts and Quality
• Agile
• Self Assessingand ContinuousImprovement
• Taking The Lead

• Reactive
• Ad hoc
• Problem-Driven
• AvoidingDowntime

• Reactive
• Stable IT
• Request Driven
• Change Management and Planning
• Keeping ItRunning

• Proactive
• Accountable
• Increased Monitoring
• Formal ChangeManagement
• SLAs
• Improvement
• Predictability
• Quality Driven

Detailed View
17
How to Take the Journey
18
Technology View of Model
19
Technology View of ModelOne Example
Desktop Lifecycle

• Primary desktop OS is WinXP with images defined
  at corporate level
• Reference Image managed manually
• Automated software distribution, management and
  tracking
• Zero touch upgrade and install
• Application certification and compatibility
  testing

• Automated reference image system connected to
  OEM partner
• Automated patch management extended to servers
• Automated application compatibility testing

• Defined set of standard basic images
• Multiple desktop OS still exist at department
  level
• Automated patch management (WU, SUS, SMS)
• Light touch upgrade and install
• Departmental application testing

• No standard OS image
• All desktops are unique after deployment
• Inconsistent patch management
• Manually deploying and upgrading systems with
  DVDs or CDs
• Limited or ad hoc application testing

20
BDD 2.5 Business Desktop Deployment Accelerator
21
Technology View of ModelOne Example
Security, Networking Monitoring

• LimitedInfrastructure
• Lack of standardised security measures
• Ad hoc management of system configuration
• Limited to no monitoring of infrastructure

• Defense-in-depth security measures widely
  deployed
• Anti-malware protection (i.e. spyware, bots,
  rootkits, etc.)
• Firewall enabled on desktops, laptops servers
• Secure wireless networking
• Service level monitoring on desktops
• IPSec used to isolate critical systems

• Automated patch management (WU, Update Services,
  SMS)
• Edge firewall with lock-down configuration
• Standardised antivirus solution
• Firewall enabled on laptops
• New systems limited to those supported by IT
• Defined set of standard basic images

Automated, central management of

• Security updates for both clients servers
• Application compatibility testing
• Client server firewall mitigations
• Application and image deployment
• Server operations
• Reference image system
• Security event correlation

22
Technology View of ModelOne Example
Identity Access Management

• Active Directory for Authentication and
  Authorisation
• Users have access to admin mode
• Security templates applied to standard images
• Desktops not controlled by group policy

• Active Directory group policy and Security
  templates used to manage desktops for security
  and settings
• Desktops are tightly managed

• No server-based identity or access management
• Users operate in admin mode
• Limited or inconsistent use of passwords at the
  desktop
• Minimal enterprise access standards

• Centrally manage users provisioning across
  heterogeneous systems

23
Technology View of ModelOne Example
Data Protection Recovery

• Local user data stored randomly and not backed up
  to network
• Any backup happens locally
• No user state migration available for deployment

• Standards for local storage in My Docs but not
  redirected or backed up
• Any backup happens at workgroup level
• Backup/restore on critical servers
• Some automation of user state migration available
  for deployment

• Users store data to My Docs and synched to
  server
• Backup managed at company level
• Backup/restore of all servers with SLAs
• User state is preserved and restored for
  deployment

• Self managed backup and restore on all servers
  and desktop data with SLAs

24
Technology View of ModelOne Example
Secure Manageable Messaging
Unified directory infrastructure for access and
messaging Block SPAM at gateway and mailbox
store Server anti-virus that uses multiple
scanning engines Monitor messaging server health

• Running any version of Exchange

• Secure web-based e-mail access
• Use an application-layer firewall to
  pre-authenticate web mail users before they reach
  the mailbox server

Security of mobile devices including remote reset
and remote wipe Detect potential service outages
and receive alerts in advance
25
How do you know where you are?

• Demo Collecting data

26
Infrastructure Investment Alignment Approaches
Strategic Issues
Portfolio of Projects
Pressure for NWW
Approach 2,3,4
IT/Business Projects
INFRASTRUCTURE INVESTMENT PROPOSAL ARE THERE
COMPELLING CUSTOMER ISSUES ?
IT Projects
TCO
IT Capability Supply
Approach 1
New Ways of Working
27
IOI Assessment Results
Value Proposition TCO, SLA, Agility Strategy
Briefing Focus
28
Approach 1 For a given step in the IOI Model

• Basic guidance and format advice

Challenge, Solution/Capability, Benefits TCO,
SLA, Agility
Evidence 1 .n
White Papers, Analysts
29
Infrastructure Optimisation ModelAs you improve
infrastructurethe TCO adds to the Costs based
discussion

• Source Microsoft adapted from Gartner model
• Xp-SP2 TCO

• 44 of Labor cost benefit from
• 6 key Best Practices
• OS standardisation
• Centrally managed PC firewall
• Automated password reset
• Users cannot install software
• Users cannot change settings
• Automated software distribution

• Source Microsoft white paper
• Driving down PC Labor costs with IT Maturity

30
Approach 2 IT Capability Gaps
So What and Why?
Infrastructure Where are we and how well does
IT support our business portfolio?
31
Finding the Capability Gaps
IT Capability Gap?
Infrastructure Where are we and how well does
IT support our business portfolio?
Projects Current/Future and workload
priority With Business or IT classification
32
Then Prioritise IT investment based on frequency
of capability demand
http//www.baselinemag.com/article2/0.1397.1816870
.00.asp
33
Can also Define IOI Maturity Changes
http//www.baselinemag.com/article2/0.1397.1816870
.00.asp
34
Approach 3 IT Investment Duplication
Opportunities

• Avoid Duplication ?
• Reduce Maintenance
• and Delivery
• Increase Budget for
• Value Creation

STRATEGIC
Projects Current/Future and workload
priority With Business or IT classification and
Budgets
INFORMATIONAL
TRANSACTIONAL
INFRASTRUCTURE
Can we improve our project portfolios
Performance through common infrastructure?
35
If Portfolio Project Budgets are available
36
Prioritise Infrastructure to the Frequency of
requirement of Capability in projects and removal
of duplicated investments
By implementing these capabilities at the
infrastructure level, we stand to save in
Project costs and potentially provide reduced
time to IT capability and risk
37
Approach 4 IS Investment Priority for Projects


( Source Cranfield University School of
Management )
38
The IS Investment Priority for Projects
Customer Relationship Management
Intrusion Detection and Prevention
Financial Reporting
( Source Cranfield University School of
Management )
39
Prioritise Your Infrastructure Capabilitiesto
Project Business Priority Portfolio
40
(No Transcript)
41
. and the Key Messages?
Business Value from IT demands a management
process focused on value delivery IT by itself
has no value performance only improves when
people do things differently
JW238