Transcript System Center Configuration Manager 2007: Overview

Riedwaan Bassadien
Solutions Specialist
Management Solutions
Microsoft
Microsoft Confidential
Session Objectives
This is not your Dad’s SMS!
To show our range of new features, new services,
new abilities, and improvements from SMS 2003
SCCM is THE way to deploy Vista / ‘Longhorn’
and Office 2007
SCCM is your Management Tool of choice for
your offering development
We are Enterprise scale
We are a platform for you and the industry
RTM – August 2007
Beta 2 – Released in February, 2007
Pre-requisite checker in setup
Auto-create rules from “last usage inventory” data
Internet-based client management
SQL Server 2005 clustering & named instances
Native security mode
OS deployment support for Vista RTM
Desired Configuration Management
Backup and Recovery based on VSS
Binary delta replication
SMS sites and services are down for minutes instead of hours
Wake on LAN
MOF changes automatically compiled on all clients
Last usage inventory
Multiple MOFs to separate custom data from default data
AD System & User Discovery
New SMS Remote Control protocol using Vista technology
Beta 1 Refresh – Released in July, 2006
Same features from Beta 1, plus added OS deployment of Vista Beta 2, added
NAP integration with Longhorn Server, and SMS Administrator Console
performance improvements
Beta 1 – Released in February, 2006
Contained SMS 2003 functionality with a new SMS Administrator Console, branch
distribution point support, ITMU, and the OSD and Device Management Feature
Packs integrated
Simplicity
Simplicity
Up and running in minutes
Simplified UI
Advanced Task Sequencing
Reduced SCCM infrastructure costs with branch office support
Improved scheduling and greater control including Wake-on-LAN
Common processes for Windows Mobile and embedded device
Deployment
Deployment
Unified delivery of Windows operating system for clients and servers
One worldwide image to manage with Vista
Built on Windows Vista technologies including Windows Imaging
Vista and Office 12 upgrade assessment and resolution planning
Offline media support for full offline provisioning
Security
Security
Integration with “Longhorn” Network Access Protection
Simplified, comprehensive software updating w/ templates for common tasks
Enterprise Vulnerability assessment
Securely managing devices across the Internet
Secure network storage of user state during Operating System deployment
Configuration
Configuration
Knowledge-driven desired configuration management based on the System Definition Model (SDM)
IT policies for analyzing corporate and regulatory compliance
Out of the box configuration policies for server workloads i.e. Exchange
License and asset management
Primary Site
Secondary Site
MP - Management Point
SLP - Server Locator Point
RP - Reporting Point
DP - Distribution Point
SMP - State Migration Point*
Branch DP - Branch Office DP*
SUP - Software Update Point*
FSP - Fallback Status Point*
SHV - System Health Validator*
PSP - PXE Service Point*
* Denotes new server role
New Features
Copy Package Wizard
Maintenance Windows
Branch Support
Improvements
Improved Package cache control
Binary delta replication
Client Branding
Wake on LAN
Device = CE, PPC, Windows Mobile (SmartPhone)
Basic Management
Hardware/Software inventory
File collection
Software distribution
Settings management - Password policy management, Security policy management
Support for Smartphone
Over-the-air management of devices
Connection Management
Internet Based Management
Fallback Status Point
LOB Device Management
CE on ARM at RTM
Deployment
Automated client distribution via SMS Advanced Client desktop
Full integration with SCCM 07
Over-the-air client upgrade
The way to deploy Vista/LH in an enterprise
Major upgrade to OS deployment functionality
Significant enhancements from SMS 2003 OS
Deployment Feature Pack
Brings in server deployment from ADS
Integrated part of ConfigMgr 2007
Simplify planning for Vista/LH upgrade
Unified client and server deployment
Use Vista/LH tools
Enhanced security
End-to-end deployment
Yes
Yes
Fully automated
Yes
Yes
Wipe-and-load upgrade
Yes
Yes
Loose integration
w/RIS
Built-in integration
w/WDS
BDD scripts
Yes, w/built-in SMP
Fully offline deployment
No
Yes
Integrated Vista upgrade planning
No
Yes
Full server deployment
No
Yes
Security
Good
Much stronger
Flexibility/customizability
Good
Excellent
Vista/LH compatibility
Good
Excellent
No
Yes
Bare metal deployment w/PXE
Side-by-side
Device driver management
Core mechanism for controlling
all OS deployment operations
Sequence of steps to execute
Steps prior to deploying new OS
Steps to deploy new OS
Steps after the new OS is
deployed
Completely hands-off for full
automation of the process
Manage clients without a VPN
Road Warriors (Sales force, Consultant)
Point Of Sale (Restaurant, Retail store,
Gas station)
Employee’s home computers
Roam in and out intelligently
Converge with standards based
technology
PKI for certificate management
SSL/TLS for secure HTTP communication
Firewall for SSL termination
“Deliver a secure and reliable infrastructure to
enable IT administrators in an enterprise to
manage computers on the internet with the
same level of control as computers on the
intranet.”
`
Vision
Define configuration baselines
Identify required and prohibited configurations
Audit compliance of Windows systems
Core Scenarios
Detect configuration “drift”
Improve Helpdesk troubleshooting and “time-toresolve”
Regulatory compliance reporting
Change verification
Configuration Item (CI)
Units of configuration that can be detected, applied, and removed from
ConfigMgr managed machines
Application CI
Operating System CI
General CI
Software Updates CI
Configuration Baseline
A complex type of CI composed of other CIs which are:
Required
Optional
Prohibited
Can be assigned to collections for compliance monitoring
1
DCM CIs /
Baselines
ConfigMgr Database
Windows
Server
2003
CI
2
ConfigMgr
Admin
Console
401K
Application
CI
4
Script
XML
SQL
Registry
Active
Directory
File
Software
Updates
5
Configuration Manager Client
IIS
MSI
Compliance
State
Tables
401(k) Application
Server
Baseline
3
WMI
Antivirus
Software
CI
6
Compliance assessment
Security updates / vulnerability assessment
Application updates
Update deployment
Full Microsoft update content
Zero-day and routine deployments
Simplified admin experience
Also manage non-Microsoft software updates
OEMs and software vendors (ISVs)
Internally-developed applications
Key Improvements
WSUS Integration
Software Updates
use DCM channel
Custom Updates
integrate into SCCM
Core Engine
Taking advantage of all Microsoft Update content
SCCM clients no longer using offline catalog (wsusscan.cab)
Software Distribution and Software Updates no longer compete
Update compliance through state messages alleviates pressure on
hardware inventory
Allows for third party or LOB updates to be created outside of the
Microsoft patch process and added to scan catalog
Authorization lists
Simplified Wizard using template
Bundled updates
Selective download of binaries
Custom severity categories
Completely rewritten!
Significantly faster performance
Using Vista native “collaboration” technology
Back-ported to Windows XP and Windows Server 2003
Underlying protocol: RDP
Same basic functionality as SMS 2003:
Configuration for end-user acceptance of new session
3 levels of access
Full control
View only
None
Still integrated with Remote Assistance
Inventory
SMS 2003 SP3 AssetMetrix features added
Last Usage Inventory
Auto-created Metering Rules from this
Discovery
Discover “Extended AD Attributes”
Pre-populated with default attributes
Ability to add additional attributes to discover
Supports hosting SCCM 2007 Site DB
on SQL 2005 Clustered Server
VSS-based backup
Services off-line for minutes
Snapshot data moved to backup location
SCCM 2007 is a major upgrade of SMS functionality
that provides features for
Network Access Protection
OS Deployment
Internet-based client management
WSUS integration for software update management
Desired configuration management
Service windows/collection variables
Device management of Smartphones over the air
SCCM 2007 beta 2 will be full featured
Availability in Q1 of 2007
Join the open beta and evaluate the changes!
Thank you to our Partners for
their support of TechDays 2007
Tech Days 2007 – Evaluation Form Guidelines
Tech Days will be using scanned evaluation forms. We need you to please include
your delegate ID number which you received at registration onto the form. If your
Delegate ID number is 1234, then please colour in the number 1 on line 1, the
number 2 on line 2, the number 3 on line 3 and the number 4 on line 4 so that there
is 1 digit on each line to make up the completed 4 digit code. Please fill in your First
Name, Surname and Company name in the spaces provided as a back up.
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it
should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.