Edward Voermans edwardvinfosupport'com

1
Edward Voermans edwardv_at_infosupport.com Thomas de
Klerk thomask_at_infosupport.com
2
Info Support

• Sinds 1986
• ca 230 medewerkers
• Vestigingen
• Veenendaal (3)
• Utrecht
• Mechelen (België)

• Competence Centers
• Kenniscentrum
• Managed IT Services
• BI/DWH
• PDC
• Business Units
• Finance
• Handel Industrie
• Overheid

3
The Windows-based Hosting Solution

• A collection of best practices, scripts, and
  tools that enables service providers to deploy a
  centralized management infrastructure
• Provides these benefits
• Cost savings even as your data center
  complexities increase
• Highly specialized tools that enable the service
  provider to roll-out managed services quickly

4
Windows-based Hosting Solution Components and
Technologies Used
5
Dedicated Hosting EnvironmentCentralized
Management
Customer
Customer
Customer
SharedSQL
CentralizedManagementStructure
MPS
MOM
SUS
ADS
Data Center
Data Center Admin
6
Server PurposingReal Cost Savings

• Decrease automated build time to 10-20 minutes
• Decrease attended build time from 6 hours to 10
  minutes
• Included with Windows Server 2003 Enterprise
  Edition
• Is your first step in the Windows Server roadmap
  toward Dynamic Systems Initiative (DSI)
• Includes scripting and automation examples
• Provides usage guidance which enables you to
  deploy more quickly, and receiving benefits
  sooner

7
Common Hosting Scenarios

• Discount Dedicated HostingA low-cost dedicated
  server offer with few or no value-added services.
• Managed Dedicated HostingA dedicated server
  offer that includes such services as backup and
  recovery, monitoring, and reporting.
• Shared Web HostingA Web hosting offer where
  multiple customers share services on a single
  server in your hosting environment.
• Application HostingA hosted application offer
  from an independent software vendor (ISV) or
  application service provider (ASP).

8
Centralized Management Active Directory

• Manage all data center tasks with single sign on
• Reduces operational complexity
• Assign specific tasks to authorized individuals
  located outside central administrative site
• Deploy Active Directory for server management
• Lower support costs by delegating administration
  to resellers and customers
• Drive technology through business policies
• Manage group policies through GPMC
• Create policies in Active Directory and apply OUs
  to selected customers or objects
• Lower risk through consistent policy application

9
Monitoring Reporting MOM

• Server and service failures
• Proactive detection of disruption to services
• Provides automated responses to server failures,
  speeding problem resolution and reducing logged
  trouble-tickets
• Provides guidance on using MOM Management Pack
• Monthly customer reporting
• Lowers TCO by automating reports
• Provides sample database reports that detail
  usage
• Data mining
• Uses monitored data for capacity planning
• Gathers intelligent data which facilitates
  up-sell of additional services

10
Service Provisioning Microsoft Provisioning
System

• With the XML-based provisioning framework of
  Microsoft Provisioning System (MPS) you can
  automate the deployment of
•     Messaging and collaboration
•     Customer service plans
•    Directory services and user administration
•    Data hosting
•    Web hosting
•    DNS

11
Update Management

• Version 3.0 provides general information and
  recommendations about update management
  strategies
• Windows Update
• Software Update Services (SUS)
• Windows Update Services
• Microsoft Baseline Security Analyzer (MBSA)
• Systems Management Server (SMS)
• Update all types of servers
• Basic hosting servers
• Advanced hosting servers with SLAs
• Critical infrastructure
• Internal desktops and servers

12
Hosted Windows SharePoint Services Technical
Benefits

• Benefits a service provider through
• Provides rich UI framework
• Enables integration of services using Web Parts
• Provides scalable SQL back-end
• Provides built-in provisioning capability
• Provides secure access through Active Directory
• Manage users with Active Directory single point
  of management for SharePoint, Windows-based
  Hosting, and Hosted Exchange

13
Hosted Windows SharePoint Services Business
Benefits

• Ability to generate additional revenue at low
  incremental cost
• Enables comprehensive SMB offerings including
  Hosted Exchange, Web Hosting and Office
• Enables service providers to bundle with storage,
  broadband, and other services

14
Hosted Exchange Requirements

• Require an enterprise-class system
• Reliable and secure way to access key business
  information
• More than 50 need to collaborate with co-workers
  and partners
• Sales-oriented organizations required more mobile
  access to their business information
• E-mail is typically provided by a service
  provider
• Willing to pay for service level agreement support

15
What Our Solution Provides
Third party add on services
16
Deployment Steps

• Contact Microsoft (spla-nl_at_microsoft.com)
• Organize Best Practice Workshop (1 day)
• Quick start
• Architecture Design Session (on site)
• Proof of Concept (optional)
• Sign-up partner program and SPLA
• Training
• Skills assessment
• Skills gap analysis
• Master class Windows-based Hosting 3.0 Platform

17
Best Practice Workshop

• Goals
• Inventory current environment
• Overview Windows Hosting Platform
• Gap analysis
• Determine added value Windows-based Hosting
• Actors
• Info Support, eQuest Technical Architects
• Product Managers, Architects, System Admins
• Place
• On-site at Hosting Partner
• Duration 1 day

18
Architecture Design Session

• Goals
• Extensive inventory current environment
• Gap analysis
• Technical Architecture
• Deployment plan
• Cost Analysis
• Actors
• Info Support, eQuest Technical Architects
• Product Managers, Architects, System Admins
• Place
• On-site at Hosting Partner
• Duration Varies

19
Windows-based Hosting Solutions

• Technical Review

20
The Microsoft Solution for Windows-based Hosting
version 3.0

• The Microsoft Solution for Windows-based Hosting
  version 3.0 was created to empower hosting
  service providers to lower operational costs
  through automation, while propelling revenues
  through the deployment of enhanced, managed
  services.

21
Windows-based Hosting 3.0Goal

• The solution provides knowledge, tested best
  practices, tools, code samples, and scripts to
  enable you to plan, practice deploying, and then
  efficiently deploy a high-volume hosting solution
  using Microsoft technologies.

22
Solution Overview

• The fourth version of Windows-based Hosting
  launching September 2004.
• A Dedicated Sales and Solutions (Product) team at
  Microsoft that delivers Microsoft technology and
  programs in a hosted infrastructure, including
• Technical training.
• Extensive testing and scenario simulation of
  Windows-based technologies.
• Marketing programs.
• Dedicated premier support staff and two outside
  consulting companies for Windows-based Hosting
  delivery (EQuest) and solution testing and
  training (Implement.com).
• Community groups.
• Joint selling programs.
• Service Provider Licensing Agreement (SPLA).

23
How Windows-based Hosting version 3.0 Improves
the Customer Experience
24
Logical Diagram
25
Windows-based Hosting Solutions

• Break

26
Windows-based Hosting Solution Components
27
Server Purposing Overview

• With Server Purposing you can
• Automate the process of building and configuring
  your system, software, and services.
• Ensure your security policies and process are
  implemented on each system.

28
Server Purposing Automated Deployment Services
(ADS)

• ADS is a downloadable add-on component of Windows
  Server 2003, designed for data centers
  containing over 10,000 servers and provides the
  following
• Automates multi-server builds
• Accelerates the process of preparing, purposing,
  and configuring Windows-based servers from bare
  metal to a fully operational server
• Deploys or configures a server or group of
  servers based on external events such as a
  receipt of a customer order

29
Server Purposing Benefits
 
30
ADS Secure, Hands-Off ImagingZero Touch Server
Builds from Bare Metal
1
4
Bare metal server PXE Boots and task sequence is
initiated
Agent authenticates/ requests image
Target Server
2
5
Controller downloads DOS image for hardware
configuration
Encrypted image is downloaded and deployed
3
6
Image is personalized and boots to full OS with
agent
Controller transfers deployment agent to RAM disk
Logs all activity
SSL
Possibly Multicast
ADS Controller
31
Centralized Management Overview
B

• Centralized Management allows you to do the
  following
• Centrally manage all network users, groups,
  computers and policies
• Increase the number of servers, users, groups,
  and group policies per single administrator
• Manage both shared and dedicated customers
• Delegate administrative tasks to enable secure,
  role-based authentication
• Enhance security with central authentication and
  best practices using Windows Server 2003 Security
  guidance

32
Centralized Management Server-focused Benefits
 
33
User-focused Benefits of Centralized Management
 
34
Active Directory Components of Centralized
Management

• Multi-tenant design
• Isolated resellers
• Isolated resellers customers
• Delegated administration
• This solution proposes centralized management
  using two distinct phases
• Centralized server managementThe first phase
  implements the internal service provider accounts
  and concurrent server rights plus many of the
  required security lockdown processes, in a
  centrally managed solution.
• Centralized user managementThe second phase
  addresses the extension of access rights to users
  outside of the service provider.

35
Active Directory Recommended Design Single Forest
Acmehost.com
Domain Level
Hosting
Admin
Reseller Level
Joebobhost.com
Sallyhost.com
Admin_at_joebobhost.com
Admin_at_Sallyhost.com
Customer Level
Customer1
Customer2
Customer3
Customer4
Admin
Admin
Admin
Admin
36
Centralized Management Recommended OU Design
37
Server Management through Group Policy

• Group Policy is the primary tool for defining
  and controlling how programs, network resources,
  and the operating system behave
• Delegated administration
• Automatic propagation of group policy throughout
  the data center
• Group policy objects (GPOs) enforce
  administrative roles
• Self-healing technology

38
Update Management Overview

• With update management you can control the
  deployment and maintenance of interim software
  releases into your production environments.
  Update management helps you
• Maintain operational efficiency and effectiveness
• Overcome security vulnerabilities
• Maintain a stable production environment

39
Update Management Benefits
 
40
Overview of Update Management

• AssessDetermine what you have in your production
  environment, what security threats and
  vulnerabilities you face, and whether your
  organization is prepared to respond to a new
  software update.
• IdentifyDiscover new software updates in a
  reliable way, determine whether they are relevant
  to your production environment, and whether an
  update represents a normal or emergency change.
• Evaluate and PlanMake a decision whether to
  deploy the software update, determine what it
  will take to deploy it, and test the software
  update.
• DeployRoll out the approved software update into
  your production environment so that you meet the
  requirements of any SLAs you have in place.

41
Update Management Strategies

• The Windows-based Hosting solution provides
  strategies for service providers and information
  about relevant Microsoft technologies, which
  include the following

• Windows Update
• Software Update Services (SUS)
• Windows Update Services
• Microsoft Baseline Security Analyzer (MBSA)
• Systems Management Server (SMS)

42
(No Transcript)
43
Update Management Approaches

• There are several available technologies and
  approaches to update management. The right one
  depends on your situation
• Microsoft Software Update Services (SUS)-- Client
  server technology to streamline your update
  process and centrally manage your updates
• Large-scale operationsIf your data center is
  large or you need additional functionality, the
  Microsoft Systems Management Server (SMS) may be
  your solution.

44
Service Provisioning Microsoft Provisioning
Services (MPS)

• Reduce operational costs and complexity
• Automate provisioning and change management for
  new users, new services and new applications
• Provide extensible framework for continued
  development that improves scalability
• Reduce support calls and associated costs through
  delegated administration of end customer tasks
• Increase predictability and service reliability
• Maximize system administrator efforts
• Faster turnaround time for account set-up
• Reduce customer downtime
• Reduce turnaround time to close security calls
• Improve security recovery
• Improve customer satisfaction
• Decrease time-to-customer-request completion
  enabling faster time-to-market
• Support service level agreements (SLAs)
• Faster turnaround and resolution on support calls

45
Service Provisioning Benefits
 
46
Microsoft Provisioning System Terminology

• XML Request/Response
• MPF Providers
• MPF Procedures
• MPF Namespaces

47
Overview of Microsoft Provisioning System (MPS)
48
Microsoft Provisioning Framework (MPF) Request
Example

• ltrequestgt
• ltdatagt
• ltpreferredDomainControllergtAD01.Fabrikam.Comlt/
  preferredDomainControllergt
• ltcontainergtLDAP//OUConsolidatedMessenger,OU
  Hosting,DCfabrikam,DCcomlt/containergt
• ltuserPrincipalNamegtuser1_at_ConsolidatedMessenger
  .comlt/userPrincipalNamegt
• ltnewPassword do-not-log"1"gtlt/newPassw
  ordgt
• ltisAdmingt0lt/isAdmingt
• lt/datagt
• ltproceduregt
• ltexecute namespaceManaged Active Directory"
  procedure"CreateUser" impersonate"1"gt
• ltbefore source"data" destination"executeDa
  ta" mode"merge" /gt
• ltafter source"executeData"
  destination"data" mode"insert" /gt
• lt/executegt
• lt/proceduregt
• lt/requestgt

49
MPS Request Flow

• New Customer
• Initial request

Web Control Panel
1. HTTP Post via SSL
2. XML Provisioning Request
Request Expansion
3. Request Expansion
4. Providers perform tasks
MPF

• Active Directory Provider
• Create New OU
• Create Groups
• Set Security
• Delegate Permissions
• IIS Resource Manager
• Find Available Resource
• IIS Provider
• Create Folder
• Set Security on Folder
• Create Site
• Set Security on Site
• FrontPage Provider
• Enable SharePoint Team Services

AD
RM
IIS
FP
Request
Tasks
5. XML Response
Active Directory
IIS Resource Manager
IIS
FrontPage
6. HTML Update Complete
50
Anatomy of a Request
51
Microsoft Provisioning Framework (MPF) Response
Sample

• ltresponsegt
• ltdatagt
• ltpreferredDomainControllergtAD01-Wh.Fabrikam.Co
  mlt/preferredDomainControllergt
• ltcontainergtLDAP//OUConsolidatedMessenger,OUH
  osting,DCfabrikam,DCcomlt/containergt
• ltuserPrincipalNamegtuser1_at_ConsolidatedMessenger
  .comlt/userPrincipalNamegt
• ltnewPassword do-not-log"1"gtlt/newPassw
  ordgt
• ltisAdmingt0lt/isAdmingt
• ltpolicyNamegtresellerlt/policyNamegt
• ltuser path"LDAP//cnuser1_at_ConsolidatedMessen
  ger.com,ouConsolidatedMessenger,ouhosting,dcfab
  rikam,dccom" name"user1_at_ConsolidatedMessenger.co
  m"gt
• ltmemberOfGroup name"LDAP//cnAllUsers_at_Cons
  olidatedMessenger,cn_Private,OUConsolidatedMesse
  nger,OUHosting,DCfabrikam,DCcom"gt
• lt/memberOfGroupgt
• lt/usergt
• lt/datagt
• lt/responsegt

52
Overview of Monitoring and Reporting

• Monitoring allows you to
• Correct problems before outages occur.
• Reduce the costs of resolving problems when they
  do occur.
• Meet your service level agreement obligations.
• Plan for growth.
• Share key system performance information with
  resellers and customers.

53
Monitoring and Reporting Using Microsoft
Operations Manager (MOM)
MOM is an open, highly-scalable enterprise
operations management product which provides you
with

• Event, performance, and applications management.
• Proactive monitoring and alerting, reporting, and
  trend analysis.
• Management Packs which extend MOMs usefulness.
• Self-managing, self-deploying, and scalable
  technology.
• Open, extensible architecture based on industry
  standards.

54
MOM Benefits
 
55
MOM Architecture

• MOM Data Warehouse
• SQL Reporting Services
• MOM Database
• Data aggregation
• Knowledge - management packs
• Configuration data
• MOM Server
• Database access
• Consolidator
• Agent manager
• User interfaces
• Agentless monitoring
• MOM Agents
• Local monitoring
• Local management
• Encrypted Communications

System Center Data Warehouse
Reporting
Management Server
Ops Console Admin Console Web Console
DB
Agents
Agents
56
What Management Packs Do

• Most powerful feature in MOM
• Built in knowledge
• Encapsulates many years of accumulated experience
  from developing and managing applications
• Provides product-specific operational
  intelligence
• System and service availability
• System usage and performance
• Errors and events
• Automatic responses for
• Self correcting problems
• Notification
• Collect data for views and reports

57
Windows-based Hosting Management Pack
The Management Pack is a bundle of selected rules
that monitor critical services in the
Windows-based Hosting platform. Having this
Management Pack will help you to install and
deploy MOM in one to two business days.

• The Management Pack monitors and includes
• System and service availability
• System usage and performance
• Errors and events
• Data for views and reports
• Automatic responses for
• Self correcting problems
• Notification

58
Overview of Hosted Exchange 2003

• Hosted Exchange 2003 allows you to offer rich
  messaging services for consumers and small
  office/home office and small-to-medium sized
  enterprises.
• You can offer a broad range of services that go
  from basic e-mail up to higher value services,
  such as providing additional storage, hosting
  vanity domains and calendars.

59
Logical Diagram
60
Overview of Hosted Exchange 2003 User Experience

• Multi-tenant hosting of SMTP domains
• Customer isolation in Active Directory, address
  lists
• Consumer users
• Clients and protocols
• HTTP Outlook Web Access (OWA)
• POP3/IMAP4
• RPC over HTTPS Outlook 2003
• Automated provisioning
• Delegated administration
• Monitoring and reporting

61
Overview of Hosted Exchange 2003 Solution
Contents

• Documentation
• Pub Studio content viewer
• PDFs for printing
• Reference architecture
• Fully prescriptive deployment steps
• Code
• Provisioning
• Monitoring and reporting
• MakeGAlLinked.exe
• SMTP Domain Event Sink
• RPC over HTTP profile configuration Web site
• Fully tested
• PSS supported

62
Improvements in Back-end Exchange 2003

• Improvements related to back-end server
  deployment include
• Support for 8-node clustering
• Memory management
• Permissions model

63
Improvements in Front-end Exchange 2003

• Improvements related to front-end server
  deployment include
• RPC proxy server
• Outlook Mobile Access (OMA)
•  Exchange ActiveSync
•  OWA forms-based Authentication
• OWA S/MIME
• OWA compression

64
Improvements in Client Connectivity

• You can give customers more options for accessing
  e-mail, calendar, and contact information
• Outlook 2003
• Outlook Web Access 2003
• Outlook Mobile Access
• ActiveSync
• You can integrate a self-provisioning Web site
  for customers with the Hosted Exchange Web
  service methods and MPS. Through the site, a
  users could
• Update their Outlook profile settings.
• Automatically configure their Outlook 2003 to
  connect directly through the Internet to Hosted
  Exchange 2003.

65
Connectivity for Mobile Devices

• Hosted Exchange 2003 allows service providers to
  enable the same features for mobile clientsas
  Exchange Server 2003. This includes
• Allowing users to use mobile devices to access
  their e-mail and their Contacts, Calendar, and
  Tasks folders, through OMA.
• Allowing users to send and receive e-mail,
  contacts, and calendar items via wireless
  devices.
• ActiveSync, Always-up-to-date

66
Considerations for Defining Messaging Service
Offerings

• Outlook 2003
• Outlook Web Access for Exchange Server 2003
• Mobile clients
• Supporting POP3 and IMAP4 clients
• Supporting public folders
• Additional mailbox storage
• Supporting mailbox backup and restore

67
Considerations for Defining Service Level
Agreements

• Defining service level and service level
  agreements (SLAs)
• Considerations for Exchange Server requirements
• Considerations for monitoring and reporting
  requirements
• Considerations for provisioning requirements

68
Web Hosting Overview

• Web Hosting enables you to offer customers a
  variety of hosted Web services, including
• Basic dedicated mail.
• ASP.NET applications.
• Network Attached Storage (NAS) coverage.
• The solution offers specific guidance for hosting
  Microsoft Internet Information Services (IIS) 6.0
  and ASP.NET which results in
• Easier deployment and configuration.
• Reduced operational costs.
• Increased scalability, functionality, and
  security.

69
Web Hosting Benefits
 
70
Internet Information Server (IIS) 6.0
Architecture
Web Garden
Application Pool 2
Application Pool 1
Process Mgr
HTTP.sys
71
Overview of Data Hosting

• Provide Data Hosting services to customers on
  dedicated servers, shared servers, or both.
• Keep customer data secure by using one of two
  authentication models
• The authentication method you choose impacts your
  SQL Server deployment for both user
  authentication and the account under which the
  SQL Services run.
• When you deploy SQL Server, choose between
  Windows Authentication Mode and Mixed Mode.
  Active Directory is required for Windows
  Authentication Mode and is optional for Mixed
  Mode.
• Deploy Shared or Dedicated Servers.

72
Data Hosting Benefits
73
SQL Server Deployment Options

• For service providers who will provide hosted SQL
  Server to their customers, there are two major
  deployment configurations for SQL Server
  deployment
• Dedicated-one SQL Server per customer
• Shared Servers-one SQL Server shared by multiple
  customers
• For shared servers, there are two basic
  installation options
• Remote server
• Stacked server

74
Windows SharePoint Services Overview

• Windows SharePoint Services Hosting allows you to
  create Web sites for information sharing and
  document collaboration.
• Windows SharePoint Services is a component of the
  Windows Server 2003 information worker
  infrastructure that
• Provides team services and sites to Microsoft
  Office System and other desktop programs.
• Serves as a platform for application development.

75
Windows SharePoint Services Benefits
 
76
Whats New in Windows SharePoint Services
The newest version of Windows SharePoint Services
Hosting includes the following new features
A Microsoft Provisioning Service (MPS) provider,
allowing better integration between Windows
SharePoint Services and MPS
Changes to quota template usage, including the
use of storage-based quotas and site-based quotas
(except in shared deployments)
77
Windows SharePoint Services Architecture
78
Best Practice Workshop

• Goals
• Inventory current environment
• Overview Windows Hosting Platform
• Gap analysis
• Determine added value Windows-based Hosting
• Actors
• Info Support, eQuest Technical Architects
• Product Managers, Architects, System Admins
• Place
• On-site at Hosting Partner
• Duration 1 day

79
Architecture Design Session

• Goals
• Extensive inventory current environment
• Gap analysis
• Technical Architecture
• Deployment plan
• Cost Analysis
• Actors
• Info Support, eQuest Technical Architects
• Product Managers, Architects, System Admins
• Place
• On-site at Hosting Partner
• Duration Varies

80
Discussion and QA