Business Desktop Deployment (BDD) Overview Fritz Ohman Alphageek

Business Desktop Deployment (BDD) Overview

Fritz Ohman

Alphageekwww.linkpad.co.uk

Welcome to this TechNet Event

FREE bi-weekly technical newsletter

FREE regular technical events hosted across the UK

FREE weekly UK & US led technical webcasts

FREE comprehensive technical web site

Monthly CD / DVD subscription with the latest technical tools & resources

FREE quarterly technical magazine

We would like to bring your attention to the key elements of the TechNet programme; the central information and community resource for IT professionals in the UK:

To subscribe to the newsletter or just to find out more, please visit www.microsoft.com/uk/technet or speak to a Microsoft representative during the break

http://www.microsoft.com/uk/technet


Why you are here

You have computers to deploy

You think automation is a good thing

You want to spend less time ’fighting fires’ and more on getting the most from your IT budget

So if you want a car like this ...

... You had better do this!

Manual Deployment £250 - £500 per PC £250 - £500 per PC

USMT, Application Compatibility USMT, Application Compatibility Toolkit, Windows PE, RIS, PQDI, Toolkit, Windows PE, RIS, PQDI, GhostGhost

Light Touch Deployment~ £200 per PC~ £200 per PC

Deployment automation with Zero Deployment automation with Zero Touch (SMS, MOM) Touch (SMS, MOM)

Zero Touch Based DeploymentLess than £50< per PC (goal)

Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Source:, *Higher Yields Windows XP Whitepaper, **Wipro Desktop Deployment Calculator Calculator

Agenda

Solution Accelerators and the BDD

Deployment Blockers

BDD solutions

Cost effectiveness

Solution Accelerator for BDD

V1 Updated to Standard Edition

Introduction to the BDD

BDD 2.0 Enterprise is a Solution Accelerator

A Solution Accelerator is about tools and free guidance

Targeted at defined customer scenarios a.k.a., pain points

Covers the entire lifecycle - Evaluating, planning, building, deploying, and operating

Solution Accelerators leverage the combined experience of partners, customers and Microsoft Consulting Services

Engineered, real-life tested, and validated

Supported by Microsoft PSS!

Microsoft wants you to use their products, and Microsoft wants you to implement them correctly so that you get maximum return on your investment

It is a true win-win scenario

Sample Solution Accelerators

Domain Server Consolidation & Migration

File & Print Consolidation & Migration

Patch Management Using SMS 2003

Windows Server Deployment

Application Installation Using SMS

Service Monitoring and Control Using MOM

Business Desktop Deployment (BDD)

Plus many more in Security, Unix, SMB…

Finding Solution Accelerators

http://www.microsoft.com/desktopdeployment

Solution Accelerators for BDD

BDD Enterprise Edition

BDD Standard Edition

25 500 2000 ∞

Number of PCs in an organization

Two Versions: Standard Edition and Enterprise Edition

BDD Standard Edition for 25 or more unmanaged workstations

– Few infrastructure requirements

– Based on light tools, scripts, and commercially available imaging software

– Lite Touch installs and takes only a few moments per PC

BDD Enterprise Edition for 250 or more managed workstations

– Leverages SMS 2003 SP1, Active Directory,BizTalk Server 2004

– Zero Touch installs and provisions

– SMS 2003 OS Deployment Feature Pack includes Windows Imaging (WIM)

Perceived Deployment Blockers

Application compatibility issues are too difficult to overcome

Image management is too costly with our current hardware complexity

How can I reduce the cost of deployment if I have to send technicians to every single desktop?

Will our infrastructure be able to handle automated deployments?

Does desktop standardization really improve security levels?

Is it worth the investment in additional IT and best practices training?









Image Mania

Source: WiPro/Intel/Microsoft PC Diversity 2004








ReduceReduce LowerLower

EnableEnableDeliverDeliver

Reducing Deployment Cost and Complexity

Zero Touch Based DeploymentZero Touch Based DeploymentLess than $100 per PC (estimate**)Less than $100 per PC (estimate**)

SMS, Application SMS, Application Compatibility ToolkitCompatibility Toolkit

Light Touch DeploymentLight Touch Deployment~ $355 per PC*~ $355 per PC*

Deployment Deployment automation with automation with Zero TouchZero Touch

















Windows XP Service Pack 2

Advanced Security TechnologiesAdvanced Security Technologies

Windows XP Service Pack 2

Most attacks Most attacks occur hereoccur here

SituationWhen do exploits occur?

ProducProduct t

shippeshippedd

VulnerabilityVulnerabilitydiscovereddiscovered

Fix Fix Made Made

AvailablAvailablee

Fix deployedFix deployedby customerby customer

Exploit TimelineProcess, Tools Critical

ProducProduct t

shippeshippedd

VulnerabilityVulnerabilitydiscovereddiscovered

Fix Fix Made Made

AvailablAvailablee

Fix deployedFix deployedby customerby customerDays between Fix and Exploit have

decreased so that patching can’t be the only defense in large organizations

Exploit

151151180180

331331

BlasterBlasterWelchia/ Welchia/ NachiNachi

NimdaNimda

2525

SQL SQL SlammerSlammer

1414

SasserSasser

How SP2 Would Have Helped

MSBlaster worm

– Windows Firewall, by default, blocks the ports required to exploit this vulnerability

– By denying unauthenticated requests to DCOM, this exploit would have been mitigated

– The /GS Switch and/or NX would have prevented this exploit by preventing the unchecked buffer from being exploited

W32.Sasser.worm

– Windows Firewall, by default, blocks the ports required to exploit this vulnerability

– The /GS Switch and/or NX would have prevented this exploit by preventing the unchecked buffer from being exploited

Mydoom and W32/Nimda.A@mm

– Attachment Manager would have blocked Mydoom had an infected e-mail been opened in Outlook Express

Various spoofing and phishing attacks on the Internet

– The new IE Popup Blocker and new limitations on script-initiated windows would have eliminated many of these attacks










Windows XP UpgradeWindows XP Upgrade

Active Directory,Active Directory,Group Policies, SMSGroup Policies, SMS

Managed Windows XP EnvironmentManaged Windows XP Environment$1367 annual TCO per PC$1367 annual TCO per PC

Unmanaged Windows 9xUnmanaged Windows 9x$2164 annual TCO per PC$2164 annual TCO per PC

Unmanaged Windows XP Unmanaged Windows XP EnvironmentEnvironment $1788 annual TCO per PC$1788 annual TCO per PC

Source: Comparing Managed and Unmanaged Client Environments, IDC, Source: Comparing Managed and Unmanaged Client Environments, IDC, February 2004, Annual cost based on 5 year IDC TCO studyFebruary 2004, Annual cost based on 5 year IDC TCO study

Lower Total Cost of Ownership

Short Term Payback, Long Term Benefits

TCO Analysis Overview Per Desktop WXP WXP+AD WXP+SMS WXP+AD+SMSDirect Costs (budgeted)

Hardware and software $1,367.81 $1,352.15 $1,329.46 $1,314.38 Operations $609.11 $522.39 $545.78 $473.74 Administration $373.63 $369.08 $368.61 $364.30

Total Direct Costs $2,350.55 $2,243.62 $2,243.85 $2,152.43

Indirect Costs (unbudgeted)

End user operations $2,359.08 $1,719.33 $2,063.10 $1,461.57 Downtime $118.55 $73.21 $97.48 $56.19

Total Indirect Costs

Annual Total Cost of Ownership (TCO) $4,828.18 $4,036.16 $4,404.43 $3,670.19

AD Direct Cost Savings $107SMS Direct Cost Savings $107AD and SMS Combined Direct Cost Savings $198 some AD and SMS benefits overlap








BDD is designed to counter your deployment blockers and enable you to move forward



Enable Agile IT Infrastructure

Enable Agile IT Infrastructure

Agile IT? Huh? Once more, without jargon:

We would like you to better use what you already have

BDD helps you tap the full potential of Windows-based networks

BDD puts you in a great position to quickly take advantage of upgraded versions

Best Practice Deployment

Why Use Best Practices?

Traditional Deployment

$$

$$

Why use BDD?

Lower deployment costs– Overall, organizations that used the Microsoft Solution Accelerator for Business Desktop

Deployment realized benefits throughout the deployment process and experienced an average 22% reduction in annual deployment costs.

Faster rollouts – Organizations were able to reduce the time of delivery of desktop migration projects by reducing

the time needed to complete inventory, compatibility testing, and imaging tasks.

More efficient planning– By using accelerator planning resources, organizations provided more detailed and thorough

desktop strategies and developed comprehensive migration plans more quickly with less effort.

Improved IT staff and user productivity– Organizations across the survey significantly reduced deployment-related, end-user downtime. By

minimizing downtime and improving the desktop migration experience, surveyed organizations also significantly improved user productivity and reduced the disruption caused by deployments in large-scale desktop environments.

Source WiPro Jan 2005

Solution Accelerators for BDD

BDD Enterprise Edition

BDD Standard Edition

25 500 2000 ∞

Number of PCs in an organization

Two Versions: Standard Edition and Enterprise Edition

BDD Standard Edition for 25 or more unmanaged workstations

– Few infrastructure requirements

– Based on light tools, scripts, and commercially available imaging software

– Lite Touch installs and takes only a few moments per PC

BDD Enterprise Edition for 250 or more managed workstations

– Leverages SMS 2003 SP1, Active Directory,BizTalk Server 2004

– Zero Touch installs and provisions

– SMS 2003 OS Deployment Feature Pack includes Windows Imaging (WIM)

BDD Enterprise vs BDD StandardThe differences explained

BDD V2 – Two Versions

“Standard” and “Enterprise”

Zero Touch Provisioning (ZTP)

Zero Touch Installation(ZTI)

Light Touch Wipe & Load

Common Tools & Guidance

BDD BDD StandardStandard

BDD BDD EnterpriseEnterprise

It’s not a numbers decision

Infrastructure dependant

Active Directory

SMS/OSD

Zero Touch, BizTalk, SQL, Active Directory

BDDe can be used in small to medium sized organizations

Provisioning

- Identities

- Security

- Desktops

- Software

- Terminal Server sessions

- Smartcards

- Web sites

- Email features

- Server software features

- Shares

- Storage

- Voicemail

- PDA

- Cell Phone

- VOIP

- Integrate with B2E, B2B

Method of creating, constructing, deploying, and managing any service, software, or device, whether dependant on human interaction or system automation

Provisioning Defined

BDD Tools And ApplicationsStandard Edition and Enterprise Edition Comparison

Business Desktop Deployment Standard Edition Enterprise Edition

Customer ScenariosLight Touch Wipe & Load

Zero Touch Install

Zero Touch Provisioning

Tools UsedApplication Compatibility Toolkit 3.0

Virtual PC & Virtual Server

Windows Pre-Installation Environment (WinPE 1.5)

User State Migration Tool 2.6

Remote Installation Server (RIS) for Windows Server 2003

Symantec DeployCenter Library

Symantec Ghost Corporate Edition

Access 2003 Conversion Toolkit

SMS 2003 SP1

SMS OS Deployment Feature Pack

BizTalk Server 2004 (ZTP)

Microsoft Operations Manager 2005

Applications and OSWindows XP Service Pack 2

Office 2003 Service Pack 1

Zero Touch OS Refreshes

Zero Touch SW Refreshes

Zero Touch App Additions

Standardized Procedure

Fewer Images

Less Costly Re-imaging

More Productive Resources

Accelerated Deployments(reduced people cost)

Fewer Post-Deployment Problems

Solution Accelerator for Business Desktop Deployment

Long-Term Value of Business Desktop Deployment Best Practices

Value of Automated Deployment

Task Manual Automation

Software Inventory4 hrs elapsed time

4 hrs tech.1 hrs elapsed time

0 hrs tech

Software Compatibility Testing(based on 10 applications)

20 hrs elapsed time20 hrs tech

.1 hrs elapsed time.1 hrs tech

Hardware Inventory2 hrs elapsed time


0 hrs tech

User Configuration/Data Saved Not Applicable2 hrs elapsed time

0 hrs tech

Operating System Installation*1 hrs elapsed time


.5 hrs tech

User Configuration Applied2 hrs elapsed time

2 hrs tech2 hrs elapsed time

0 hrs tech

Application Installation(based on 10 applications)

2 hrs elapsed time2 hrs tech

.5 hrs elapsed time0 hrs tech

*Manual time based on CD installation Automation time based on OS image applied Research provided by Microsoft® Corporation

Remember the red car?

Manual Deployment £250 - £500 per PC £250 - £500 per PC

USMT, Application Compatibility USMT, Application Compatibility Toolkit, Windows PE, RIS, PQDI, Toolkit, Windows PE, RIS, PQDI, GhostGhost

Light Touch Deployment~ £200 per PC~ £200 per PC

Deployment automation with Zero Deployment automation with Zero Touch (SMS, MOM) Touch (SMS, MOM)

Zero Touch Based DeploymentLess than £50< per PC (goal)


What’s the downside?

The BDD guidance documentation is extensive

Can seem like a daunting task

But ... help is at hand!

BDD Partners

Linkpad Ltd (me!)

... and a host of other MS Certified partners will be able to assist you in your migration

Look for Microsoft QuickStart and Microsoft QuickPlan certified Partners

Microsoft QuickStart and Microsoft QuickPlan are fixed-length, fixed-scope, fixed-price engagements that enable you to move rapidly towards a full rollout while managing cost

BDD Systems Integrations Partners

Avanade

Atos

Bellerephon

Capgemini

Computacenter

CSC

Dell

EDS

Getronics

HP

Linkpad

Satyam

TCS

Unisys

Wipro


Documents

Business Desktop Deployment (BDD) Overview Fritz Ohman Alphageek