High-Performance Computing Solution Implementer Guide

High-Performance Computing

Solution Implementer Guide

Agenda

Recap Discussions to Date

Next Steps

Solution Guidance

• Phase 1• Phase 2• Phase 3

Customize the Solution Requirements

Engagement Approach

Audience

Solution road map

Solution areas Industry Horizontal

Business strategy

Integrated Capability Analysis => Projects, architecture, products

1. Present relevant integrated capabilities

2. Position the Integrated Enterprise Platform approach

Busi

ness

exe

cuti

ves

1. Understand business needs and priorities

2. Discuss range of potential solution capabilities

ITexe

cuti

ves

Arc

hit

ect

s IT

pro

/dev

exe

cuti

ves

Integrated Capability Analysis

Ensure target business capabilities cover process improvement priorities

Translate business capabilities into required infrastructure capabilities

Assess current infrastructure maturity

Determine gaps to target integrated capabilities

Build a road map for integrating capabilities and implementing solutions

Specify required platform architecture, technologies, and services

Baseline the Microsoft platform road map

Business Driver

Phase 1 Phase 2 Phase 3

MAKE BETTER DECISIONS

Scale and aggregate data and calculations in parallel and enable summarization of data and results to make better decisions via collecting data, integrating multiple data sources, and aggregating data into a single work area

Analyze a maximum amount of data in minimal time via integrating numerous reliable sources to help ensure a consistent and accurate data source for decision-making

Lay out predefined database views so that users can easily build their own reports via built-in report formats that use familiar tools and technologies and a richer reporting database that has an enhanced API to build custom reports

Prioritize deals to ensure that the most urgent calculations are completed first via the ability to assign priorities among multiple calculations and to allocate resources based on those priorities

Enable parallel computing for performing simultaneous calculations and then solving them concurrently via mechanisms to launch and monitor jobs and access data and results simultaneously

Ensure timely decisions with minimal error and greater accuracy via broad access to parallel computation capabilities and by providing sufficient alerts or flags for missing or misleading data sources and data

More easily identify when data is ready for review and when decisions can be made via providing flags and alerts that show users when calculations are completed

Prioritize computational needs based on business needs to analyze the most urgent data first via priority-based analytical and computational capabilities that schedule jobs and their associated tasks; allocate resources to these jobs; initiate tasks on compute nodes; and monitor job status, tasks, and compute nodes

Provide immediate output during calculations by displaying more information to users at a faster speed via the ability to split complex jobs into smaller calculations and divide them across multiple systems for faster execution

Enable transparent access to information through common tools so users have faster access to more information, can analyze information more thoroughly, and can make better-informed decisions via spreadsheet-based calculations and user-defined functions that run on cluster nodes to enable better analytical capabilities

Support for Priority Business Capabilities

Note to presenter: This is a template.Prune, add, and prioritize per BDM and TDM feedback.Ensure consistency with the “Business Priorities Guide” and the “Capability Discussion Guide”.

Business Driver


DRIVE PRODUCT INNOVATION AND TIME TO MARKET

Allow the results of early simulations to affect assumptions in later simulations via multiple simulations that run simultaneously or sequentially and by the ability to automatically fine-tune simulations after each run

Enable larger simulations to analyze specific data to support smaller experiments within the model via features that, during calculation, display and transfer specific information related to different variables and results at a faster speed

Process large data sets without freezing a workspace for long periods via a computational system that has sufficient resources and finely tuned performance to ensure faster and more efficient use of resources

Minimize the number of incomplete jobs and broken jobs via providing alerts or flags for failed jobs to facilitate a relevant response

Maximize the time available to run simulations by ensuring infrastructure is at full capacity via implementing a decision-making mechanism that helps apply scheduling policies to distribute workload across available nodes in the cluster according to the job profile

Allow for the storage and accessibility of all simulation and experiment results via a highly available performance environment that incorporates parallel processing to store and retrieve information from multiple experiments simultaneously

Store completed analysis clusters and easily return to the information via an efficient, cluster-based computational system that simultaneously deploys, runs, and manages thousands of processing cores

Identify broken or stopped jobs quickly and replace them with productive jobs via the ability to take corrective measures such as restarting, creating logs for analysis, or replacing failed job runs with a new job

Prioritize and maximize the simulations that are run for each experiment to use minimal time and optimal resources via a job-scheduling interface that directly integrates desktop applications with resources such as clusters

Allow researchers to easily query and see large sets of data and transfer relevant data as it is recognized via the ability to quickly search and filter required data based on key points and by advanced heat map views that support the display of large numbers of clusters (or variables) and results on a single screen

Integrate multiple technologies to complete data analysis without data flow problems via the ability to edit or cancel service requests without canceling the current session and the ability to save calculation resources for later use regardless of the underlying technology

Provide mechanisms to restart systems automatically and to initiate failover of broken nodes to ensure better business continuity via a highly available, cluster-based computational system that simultaneously deploys, runs, and manages thousands of core processors to support continual availability



Business Driver


SPEED RESEARCH AND DISCOVERY

Allow for multiple researchers, in parallel, to access the same model and run scenarios with different assumptions or inputs via a high-performance computing environment that supports running intensive computational scenarios simultaneouslyCreate common workflows within all testing facilities via custom, forms-based solutions that have integrated workflows and provide access to dataProvide the ability to focus on high-priority simulations to ensure the earliest possible results via a graphical administration console and other easy-to-use tools that allow users to easily schedule jobs, allocate necessary resources, and change associated tasks and properties

Optimize use of computing resources to provide all users with quick access to research results based on business priorities via a decision-making mechanism that helps apply scheduling policies to distribute workloads across available nodes in the cluster according to job profileSet up a system to monitor jobs to avoid duplication of jobs via management reportingIntegrate research outcomes with the latest results from other simulations and experiments via the integration of jobs that run over various simulations and experiments by a variety of researchers, and by the ability to consolidate the research resultsProvide the ability to schedule dependent simulations to run after prerequisite simulations have run via mechanisms that schedule jobs and their associated tasks, allocate resources to jobs, initiate tasks on compute nodes, and monitor job and task status

Consolidate and provide access to large volumes of data and results that are produced by model-based analysis via a robust execution environment that helps store contributions and results, including variables and job settingsEnable administrators to easily measure performance and efficiency and to help detect problems and take corrective actions via the ability to set up automated alerts and notifications related to networking, configuration, deployment, power, and coolingEnable computation that allows many simultaneous operations regardless of the underlying technology via a system that can integrate results from multiple applications—including traditional, distributed parallel applications and new web service-based applications

INCREASE COST SAVINGS AND EFFICIENCY

Minimize the time required to run a defined set of test simulations successfully via a platform that scales to thousands of processing cores to run simulationsAllocate resources to match departmental surges in capacity via a job scheduler to support larger clusters, more jobs, and larger jobs (including improved scheduling and task throughput at scale, and service-balanced scheduling that optimizes the process of starting jobs and balances assigned resources in real time according to their priorities)

Run additional tests and simulations while ensuring faster and more efficient use of resources via an architecture that has built-in, finely tuned performance and provides an interface for high-speed, low-latency networks to achieve better performance through more efficient use of processor resourcesScale and optimize resource use through a combination of cloud-based and on-premises resources via a cloud-based, on-demand computing and storage environment that enables consumption of computing resources only as needed

Deliver faster simulation results by increasing computing power, while optimizing infrastructure to run simulations and tests more effectively via management tools that help system administrators proactively monitor system health and maintain system stabilityActively manage server use to make sure prioritization does not occur until hardware is at full capacity via in-depth server-use reports and scheduling enhancements to optimize performance for various workloadsOffer a systematic and secure solution that is deployed from the cloud, integrates with on-premises assets, and gives IT organizations oversight and control of distributed data assets via a highly available, scalable, multiple-tenant storage service in the cloud that includes built-in fault tolerance and a consistent management experience across the premises and the cloud



Business Driver


INCREASE COST SAVINGS AND EFFICIENCY (continued)

Provide in-depth health reports and a knowledge base that has detailed information to facilitate faster and easier resolution of issues related to server use via the ability to analyze node details—such as metrics, logs, and configuration status—to monitor infrastructure at ground levelsEnsure that all applications are included in IT inventory, can be supported, and can be used by peers via a categorized application inventory and the ability to translate inventory data into useful informationAllow multiple groups to contribute to experiments while ensuring that users have appropriate access to resources and data via allowing jobs to run under individual users' credentials instead of under a single predefined user’s credentialsEnable users to specify computational, networking, and application resource requirements and to perform the correct placement for the job via job templates that help define the necessary resources for specific processing needs and help set the priorities of multiple user groups, to serve as a pattern for the creation of jobsEnable researchers to create and run independent experiments and simulations, perform scheduling tasks, and submit or cancel jobs as required via providing a way for researchers to log on, view, and page through jobs and tasks; to view job and task properties; to filter jobs by status or current user; to refresh job and task lists; and to submit and cancel jobs independently without affecting other users of the same system

Enable service-level monitoring to help system administrators quickly validate that resources are available and performing as expected via administrators' ability to easily measure performance and efficiency, and to help detect problems related to networking, configuration, deployment, power, and coolingKeep track of all software licensing and construct reports about application deployment and use via tracking software licenses as deployed in various environments and by identifying whether software is compliant with license agreements, key industry standards, and corporate policiesAllow IT support to manage the administration of simulations without having access to the data within them via encrypted and authenticated channels for job management-related communications to ensure secure access to the data flowCentrally manage server use to ensure that capacity is full before processing requests to prioritize jobs via a shared resources mechanism to ensure that multiple researchers can create and run independent experiments and simulations that take advantage of the cluster without affecting other experiments

Enable intelligent monitoring, reporting, and automation of routine and redundant tasks to reduce the level of manual effort required via a browser-based model to automatically monitor and manage server use from a centralized console, and via centralized and custom reports and graphs for scenarios such as daily operational analysis, charge-back reporting, cluster utilization and analysis, and capacity planningMaximize the effectiveness of software licenses through central management via a centralized console to monitor and manage all software used across the organizationManage user identity and access control for launching and monitoring jobs, and for gaining access to data and results, while improving data security via single sign-on mechanisms; network access protection; role management; network policy management; and an integrated, bidirectional firewallAllow jobs to be placed more efficiently for their applications' performance characteristics while protecting data from experiments and simulations via policies for scheduling the allocation of multiple-level computing resources to allow jobs to request the level of detail necessary to schedule their computing resources and implement recovery mechanisms




Next Steps

Solution Guidance



Agenda

Sophistication of the Solution

Phase 1

Provides basic support for the most critical elements of the business driver

Phase 2

Provides adequate, typical support for critical and priority elements of the business driver

Phase 3

Provides thorough, streamlined support for the business driver that enables differentiated levels of performance

MAKE BETTER DECISIONSSPEED RESEARCH AND DISCOVERY


INCREASE COST SAVINGS AND EFFICIENCY

Solution GuidanceCONCEPTUAL

ARCHITECTUREMAPPINGPHASE

DEFINITION TECHNOLOGIESLOGICAL

ARCHITECTURECONCEPTUAL

ARCHITECTURE

MAPPINGPHASE

DEFINITION TECHNOLOGIESLOGICAL

ARCHITECTURE

Phase DefinitionFor each business driver, list the business challenges, solution features, and business benefits for this solution phase. Use this information and the “Support for Priority Business Capabilities” slides to structure the conversation with IT professional(s) for capturing, refining, and baselining business problems and solution functionality priorities.

MappingThe Optimization mapping indicates the maturity level required for each capability of the solution to fully support the features specified in this solution phase. Use the mapping as a starting point to determine appropriate maturity levels for the solution. After mapping the solution, assess the gap between the current and desired infrastructure to:

• Understand the scope and sequencing of work required• Organize a deployment road map

TechnologiesUse the results of the Optimization mapping to determine the technologies required for the features and supporting capabilities specified in this solution phase.

Conceptual ArchitectureUse this high-level, use case diagram to provide the “black box” definition of this solution phase. Customize to your solution definition during the integrated capability analysis.

Logical ArchitectureUse this logical, component-level architecture view to show all software components and how they interact to support this solution phase. Tailor to fit your particular solution definition during the integrated capability analysis.

Note: Physical architecture is covered in the Architecture Guide also used during the integrated capability analysis.

Agenda


Next Steps

Solution Guidance



Phase 1 CONCEPTUAL ARCHITECTURETECHNOLOGIES

LOGICAL ARCHITECTURE

MAPPING

PHASE DEFINITION

Business Driver Needs Business CapabilitiesMAKE BETTER

DECISIONSMake better decisions quickly to gain competitive advantageAnalyze large data sets faster and more efficiently to gain better insightsGive information to the right people at the right time to drive key decisions

Scale and aggregate data and calculations in parallel and enable summarization of data and results to make better decisionsAnalyze a maximum amount of data in minimal timeLay out predefined database views so that users can easily build their own reports


Increase the use of simulation technology to drive product innovationCreate more realistic models to drive better designSpeed the time to market for product development by harnessing computational capacity

Allow the results of early simulations to affect assumptions in later simulationsEnable larger simulations to analyze specific data to support smaller experiments within the modelProcess large data sets without freezing a workspace for long periodsMinimize the number of incomplete jobs and broken jobs


Enable collaboration across groups who use simulation technologyCreate shared workflows to collaborate on models and resultsCreate more realistic models to better understand the physical world

Allow for multiple researchers, in parallel, to access the same model and run scenarios with different assumptions or inputsCreate common workflows within all testing facilitiesProvide the ability to focus on high-priority simulations to ensure the earliest possible results

INCREASE COST SAVINGS AND

EFFICIENCY

Maximize the efficiency of fixed space and power to increase the number and scale of simulationsScale beyond existing capacity as neededCentrally manage applications to optimize infrastructure and drive cost savingsAllow multiple groups to share infrastructure while optimizing resource availability

Minimize the time required to run a defined set of test simulations successfullyAllocate resources to match departmental surges in capacityProvide in-depth health reports and a knowledge base that has detailed information to facilitate faster and easier resolution of issues related to server useEnsure that all applications are included in IT inventory, can be supported, and can be used by peersAllow multiple groups to contribute to experiments while ensuring that users have appropriate access to resources and dataEnable users to specify computational, networking, and application resource requirements and to perform the correct placement for the jobEnable researchers to create and run independent experiments and simulations, perform scheduling tasks, and submit or cancel jobs as required

B S R D

Datacenter Mgt and Virtualizat

ion

Data Center Mgt & Virtualization

Automated build with defined deployment and provisioning processes. Deployment and management of software updates are tool based. Physical and virtual hardware, software, and consumption unit assets are reconciled and reported on demand (manual or automated), and tools and data repository are in place to track and audit assets. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); Workloads can be relocated manually. Chargeback is consumption based. The organization actively uses virtualization to consolidate resources for production workloads. Some Production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.

Server Security Malware protection is centrally managed across server operating systems within organizations, including the host firewall. Protection is deployed and centrally managed for all applications and services. Multiple disparate configurations of products are used for firewall, IPS, Web security, gateway anti-virus, and URL filtering.

Networking Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and with support for auto configuration. IPv4 for main transport services, using IPv6 for some transport services (eg. to achieve larger address range).

Storage Storage is managed and allocated on highly available servers using virtual disks or dynamic disk volumes. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements.

Device Deployme

nt and

Management

Device Mgt & Virtualization Software distribution to local and geographically dispersed users is automated.

Device Security

Identity & Security

Services

Identity & Access

To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Password policies are set within a directory service to enable single sign on across boundaries for most applications. Password resets through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories.

Information Protection & Control Reporting is predefined for select server and back-office waypoints.

IT Process & Compliance

Each IT service has a formal definition of reliability. Each IT service has a process to manage bug handling and design changes; IT services are tested according to defined test plans based on specifications. IT service release processes are uniform across IT services; deployment is automated and offers self service where possible; management reviews each service for readiness to release before deployment. Each IT service provides service-level and operational-level agreements. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are in place for each IT service, with self service access to knowledge base. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Comprehensive service life cycle orchestration that is automated for some workloads.

Phase 1: Core IOBasic Standardized Rationalized Dynamic

B S R D

Collaboration

Workspaces Workspaces are managed at the departmental level and are available from individual productivity applications.

Portals Multiple portals exist; directory services, authentication, and authorization are not uniform across portals, requiring users to sign in multiple times; user management methods are redundant.

Social Computing

Project Mgt

Information access

Interactive experience and navigation

Messaging

Unified Communications

IM/Presence

Conferencing

Voice

Content Creation

and Managem

ent

Information Mgt

Process EfficiencyCustom solutions developed by IT are used to deliver and manage key forms electronically; form data and scanned paper-based content are stored in a custom data repository. The organization uses basic workflow tools to process, review, and approve documents; simple workflow routing is part of the collaborative workspace infrastructure.

Compliance

Authoring

Multi-Device Support

Interoperability

User Accessibility

Phase 1: BPIOBasic Standardized Rationalized Dynamic

B S R D

BI and Analytics Platform

Business Intelligence

Self-service reporting and analysis environment and tools established and maintained by IT. Access to data is decentralized but governed by IT with a well-defined process for stewardship and governance. Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. IT provides access for users to sanctioned data sources as database connections, data feeds, or static data dumps, upon which users can easily perform ad-hoc queries and data analysis using Excel or other analysis tools. Users can share their analyses via a BI portal. Users may have access to more advanced self-service analytics tools to perform data mining or predictive analysis without dependence on IT or a Data Analyst. IT provisions and provides access to infrastructure, statistical analysis and data mining tools, and common sanctioned data sources to Data Analyst roles to analyze business data and build models to enable future decisions, predict trends, find correlations in business attributes, etc. Data Analysts publish the results of their analyses to business users via reports, spreadsheets, charts, visualizations, etc.

Data Warehouse Management

EDW is refreshed on a near real-time basis so that information is readily available to mission-critical applications, analytics, and reporting systems. A high degree of concurrency exists, with many users running complex queries and interacting with complex analytics tools simultaneously with data loading. Management and maintenance of storage, hardware, and supporting software is manual and ad hoc. Data mart data structures are optimized for local reporting and analysis performance and user understanding, including use of star/snowflake schemas. Data marts feed a centralized data warehouse that effectively relays information across most key areas of the business. Loading of data into data marts and from data marts to the enterprise data warehouse includes automated transformations to reconcile and validate the integrity of the data. Consistency in data warehouse operation and maintenance across distributed data marts is improved through use of common tools, policies, and sharing of best practices, driven by the EDW team. SLAs emerge. Data changes can be planned through standard impact analysis, and effective collaboration occurs across data mart and EDW teams. An IT-managed BI environment and applications at the department level are aligned with the enterprise data warehouse (EDW) environment and applications. IT proactively builds, maintains, and manages key reports and analysis models that are used regularly across the business. IT designs, implements, and manages semantic models (such as OLAP) and data schemas optimized for managed and self-service reporting and analysis.

Big Data

Information Services and Marketplaces

Database and LOB Platform

Transaction Processing

Data Management

Key high-value data has associated formal data management policies and processes. Data governance may be recognized on a siloed basis, but not as a corporate discipline. Data and asset inventories and dependency relationships are manually documented periodically. Access policies for data and objects in databases are defined but not centralized, and do not reference data classifications. Administrative tasks are still performed using an over-privileged account. Security management is performed on a server-by-server basis. Systems are in place for retention backup. Organizational/departmental policies exist for how long items are stored and what is stored. Auditing is sparingly used or not used at all. Metrics focus on expiration dates for information, files, and other electronic forms to address known compliance risks.

Application Infrastructure

Application messaging services used by development are aligned with standard application operating environments. Development and operations teams have the skills required to effectively and consistently make use of these technologies. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks. Deploying applications is complex and process varies by application. Monitoring of applications uses IT infrastructure components and tools to monitor business process steps, workflow instances, health of applications and services, and the entire process at a summary level. The organization leverages application servers, and developers write very little system and management code. Management tools consist of utilizing included management software more fully. Built-in diagnostics exist for domain connectivity, services health, firewall settings, network connectivity, and for SOA runtime infrastructure. Shared service exists for application caching with a dedicated team optimizing and adding capabilities to help performance and scale. Application performance and scale are typically accounted for in initial application design and implementation, so they are easy to scale and adapt. IT operations is proactive in monitoring applications and performance thresholds, and can adjust performance and scale on demand. Computationally intensive applications intentionally and explicitly employ parallel programming patterns and algorithms to leverage multi-core, utilizing third-party mathematical libraries to solve domain-specific problems. Easy-to-use UI available for job submission, monitoring, and management.

Custom Developme

nt

Internet Applications

Component and Service Composition

Some use of reusable assets is supported by high-value services, components, and modules. Composition by IT departments requires advanced coding skills. Use of composition frameworks and tools happens on a project-by-project basis. SOA and portal components are not coordinated. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Central IT provides managed and secure data services to some of the most commonly needed enterprise entities and provides business units with standard services to some key enterprise systems and for some standard needs like reporting and dashboards. LOB applications expose pre-built web parts that integrate with the company portal and are easily used by users. Developers are beginning to create components and services for the designated portal platform, though the efforts are exploratory in nature or focused on individual projects.

Enterprise IntegrationUse of standardized processes for data integration is at the project level and technologies are used to improve back-end integration. The business leverages an integration broker running on-premises to connect to cloud applications using adapters. Reusable integration components are developed for custom development on an ad hoc basis. Project management is centralized for application integrations.

Development Platform

The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.

Application Lifecycle Management

Work-breakdown structures map estimated work to business value. Rudimentary metrics are used to manage project progress. Project managers aggregate data from standard status updates. Effective change management processes are in place. Testing has test harnesses and some automation, formal unit testing with good code coverage, and defined test strategy and processes. Explicit use of code quality tools typically occurs at the end of the development cycle. Labs for testing and development have environment specifications that are defined and tested with environment build procedures and application build deployment procedures. Processes are defined for debugging production defects and incidents, with a standard set of defect artifacts.

Phase 1: APO MAPPING

CONCEPTUAL ARCHITECTURETECHNOLOGIES


PHASE DEFINITION

B S R D

Datacenter Mgt and

Virtualization


Compliance Management Libraries; Compliance Management Libraries 2.0; Data Classification Toolkit; Hyper-V Server 2008/2008 R2; Hyper-V Server 2008/2008 R2 (Server Consolidation); Hyper-V Server 2008/2008 R2 Enterprise; Hyper-V Server 2008/2008 R2 Standard; IT Governance, Risk and Compliance process management pack; Risk and Compliance process management pack 2.0; Microsoft Assessment and Planning Toolkit 6.0/6.5; Microsoft Deployment Toolkit 2010/2012; Microsoft Software Inventory Analyzer 5.0/5.1; Opalis; Security Compliance Management Toolkit; Security Compliance Manager; Security Compliance Manager 2.x; Software Asset Management; System Center 2012 Configuration Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise/Datacenter (Hyper-V); Windows Server 2008 R2 Standard/Enterprise (Hyper-V); Windows Server 2012; Windows Server Update Services 2.0/3.0

Server Security Forefront Endpoint Protection 2010; Forefront Protection 2010 for SharePoint; Forefront Security for SharePoint; Forefront Threat Management Gateway 2010 (Web antivirus/anti-malware protection, Network Inspection System); Internet Security and Acceleration Server 2006 (Multi-Networking); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2012

Networking Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Domain Name System server); Windows Server 2008 R2 (Dynamic Host Configuration Protocol server); Windows Server 2012

Storage

Microsoft Online Backup Service; System Center 2012 Data Protection Manager; System Center Data Protection Manager 2010; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Backup and recovery); Windows Server (Backup/Recovery, Hyper-V Replica); Windows Server 2012 (Virtual Disks); Windows Storage Server 2008; Windows Storage Server 2008 (Backup and recovery); Windows Storage Server 2008 R2; Windows Storage Server 2008 R2 (Backup and recovery)

Device Deploymen

t and

Management

Device Mgt & Virtualization Microsoft Deployment Toolkit 2010; Microsoft Deployment Toolkit 2012; Windows Azure; Windows Intune

Device Security

Identity & Security

Services

Identity & Access Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services, Group Policy); Windows Server 2012

Information Protection & Control Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006


Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Hyper-V Server 2008; Hyper-V Server 2008 R2; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Opalis; PowerShell 2.0; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012

Phase 1: Core IO TECHNOLOGIESCONCEPTUAL

ARCHITECTURELOGICAL


DEFINITION TECHNOLOGIES

B S R D

Collaboration

WorkspacesOffice 2007 (client integration with SharePoint); Office 2010 (client integration with SharePoint); Office 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office SharePoint Server 2007 (document workspaces); SharePoint Online (document workspaces, client integration); SharePoint Online P1; SharePoint Online P2; SharePoint Server 2010 (document workspaces)

Portals Office 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office SharePoint Server 2007 (Active Directory Domain Services integration with SharePoint); SharePoint Online P1; SharePoint Online P2; SharePoint Server 2010 (Active Directory Domain Services integration with SharePoint)

Social Computing

Project Mgt

Information access


Messaging

Unified Communic

ations

IM/Presence

Conferencing

Voice

Content Creation

and Manageme

nt

Information Mgt

Process Efficiency

Office 2007 (InfoPath 2007: form templates); Office 2007 (workflow integration); Office 2010 (InfoPath 2010: form templates); Office 2010 (workflow integration through Backstage); Office 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office SharePoint Server 2007 (form libraries, forms development environment, forms solutions repository); Office SharePoint Server 2007 (out-of-the-box workflows); SharePoint Designer 2007; SharePoint Designer 2010; SharePoint Online (form libraries); SharePoint Online (out-of-the-box workflows); SharePoint Online P1; SharePoint Online P2; SharePoint Server 2010 (form libraries, forms development environment, forms solutions repository, form layout templates); SharePoint Server 2010 (out-of-the-box workflows)

Compliance

Authoring


Interoperability

User Accessibility

Phase 1: BPIO TECHNOLOGIESCONCEPTUAL

ARCHITECTURELOGICAL



B S R D


Business IntelligenceOffice 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PivotViewer; Power View; PowerPivot; Report Builder; SharePoint 2010 Enterprise (Activity Feeds, Visio Services); SharePoint 2010 Standard; SharePoint Foundation 2010; SQL Azure; SQL Azure Reporting; SQL Server 2008 R2; SQL Server 2012; SQL Server Analytic Services; SQL Server Reporting Services; Visio 2007; Visio 2010


SQL Server 2008; SQL Server 2008 R2; SQL Server 2008 R2 Enterprise; SQL Server 2008 R2 Parallel Data Warehouse; SQL Server 2012; Visual Studio 11; Visual Studio 2008 (BI Development Studio); Visual Studio 2010

Big Data




Data Management Office Professional 2010; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2005; SQL Server 2008; SQL Server 2008 R2; SQL Server 2012


.NET Framework; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Internet Information Services (IIS) 6; Internet Information Services (IIS) 7; Internet Information Services (IIS) 8; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 R2; SQL Server 2012; System Center 2007; System Center 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Ultimate; Window Server 2008; Windows Communications Foundation (WCF) Services; Windows HPC Server 2008 R2; Windows Server 2008; Windows Server 2008 R2; Windows Server 2008R2 (Hyper-V); Windows Server 2012; Windows Server AppFabric; Windows Server AppFabric Cache

Custom Developme

nt



BizTalk Server 2006 R2; BizTalk Server 2006 R2 (Adapters); BizTalk Server 2009; BizTalk Server 2009 (Adapters); BizTalk Server 2010; Office Professional 2010 (Access 2010); Office SharePoint Server 2007; Office SharePoint Server 2007 (Business Data Catalog); SharePoint 2010; SharePoint 2010 (Business Connectivity Services); SQL Server 2008 R2; SQL Server 2012; Visual Studio 2008; Visual Studio 2010; Windows Server AppFabric

Enterprise Integration .NET Framework; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Office SharePoint Server 2007; SharePoint 2010; SQL Azure; SQL Server 2008 R2; SQL Server 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010 Professional


SQL Server 2008 R2; SQL Server 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Visual Studio Team Foundation Server 2010; Windows SDK


Office Professional 2010; Project 2010; Visual Studio 11; Visual Studio 11 Team Foundation Server; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Premium; Visual Studio Team Foundation Server 2010; Visual Studio Test Professional 2010

Phase 1: APO TECHNOLOGIESCONCEPTUAL

ARCHITECTURELOGICAL



CONCEPTUAL ARCHITECTUREPhase 1

MAPPING TECHNOLOGIESLOGICAL

ARCHITECTURE

PHASE DEFINITION

CONCEPTUAL ARCHITECTURE

Phase 1 LOGICAL ARCHITECTURE


MAPPING

PHASE DEFINITION


Agenda


Next Steps

Solution Guidance




LOGICAL ARCHITECTUREMAPPING

PHASE DEFINITION



Prioritize deals to ensure that the most urgent calculations are completed firstEnable parallel computing for performing simultaneous calculations and then solving them concurrentlyEnsure timely decisions with minimal error and greater accuracy



Maximize the time available to run simulations by ensuring infrastructure is at full capacityAllow for the storage and accessibility of all simulation and experiment resultsStore completed analysis clusters and easily return to the informationIdentify broken or stopped jobs quickly and replace them with productive jobs


Enable collaboration across groups who use simulation technologyCreate shared workflows to collaborate on models and resultsCreate more realistic models to better understand the physical world

Optimize use of computing resources to provide all users with quick access to research results based on business prioritiesSet up a system to monitor jobs to avoid duplication of jobsIntegrate research outcomes with the latest results from other simulations and experimentsProvide the ability to schedule dependent simulations to run after prerequisite simulations have run


EFFICIENCY


Run additional tests and simulations while ensuring faster and more efficient use of resourcesScale and optimize resource use through a combination of cloud-based and on-premises resourcesEnable service-level monitoring to help system administrators quickly validate that resources are available and performing as expectedKeep track of all software licensing and construct reports about application deployment and useAllow IT support to manage the administration of simulations without having access to the data within themCentrally manage server use to ensure that capacity is full before processing requests to prioritize jobs

Phase 2

B S R D

Datacenter Mgt and

Virtualization


Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Software update management and auditing are policy-driven and monitored, including automated vulnerability detection. Isolation and remediation of vulnerable and non-compliant systems are automated. The IT asset life cycle is automated, and managed using policies, procedures, and tools; management of assets and thresholds are based on automated inventory information. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); Workloads can be relocated manually. Chargeback is consumption based. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Majority of production server resources are virtualized. Resource pooling implementation supports compliance and cost management strategies, such as Auditing and Reporting, Policy Management, Metered Usage, Multi-Tenancy and Process Automation. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.

Server Security

Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.


StorageIf a storage node fails, data access transparently fails over with no interruption in availability. Storage is managed and allocated dynamically from a highly available pool of physical space based on capacity required, and within limits set by policy quotas. Critical data is backed up by taking snapshots using a centralized, application-aware system.

Device Deploymen

t and

Management

Device Mgt & Virtualization

Software distribution to local and geographically dispersed users is automated. Desktop applications and system events are centrally monitored for critical desktop systems.

Device Security

Identity & Security

Services

Identity & Access

To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable.

Information Protection & Control

There are technologies and processes for discovery, user-driven classification, and protection of data at select points and for select protocols in the network (for example, at gateways or in e-mail). There are technologies and processes for discovery and protection of data that is created and used at select endpoints; individual users drive data classification. Reporting is predefined for select server and back-office waypoints.


Definitions of reliability for IT services are integrated across IT services and enforceable. IT service issues and design changes are tracked by using formal processes; testing is automated where possible. IT service release processes are uniform across IT services; deployment is automated and offers self service where possible; management reviews each service for readiness to release before deployment. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services, with incident management integration. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. Comprehensive service life cycle orchestration that is automated for some workloads.


B S R D

Collaboration

Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported.

Portals Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services.

Social Computing

Project Mgt

Information access


Messaging

Unified Communic

ations

IM/Presence

Conferencing

Voice

Content Creation

and Manageme

nt

Information Mgt


Compliance

Authoring


Interoperability

User Accessibility


B S R D



Self-service reporting and analysis environment and tools established and maintained by IT. Access to data is decentralized but governed by IT with a well-defined process for stewardship and governance. Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. From the BI portal, users are able to connect to internal and external data sources and combine them in a single report or data set for further analysis. Users can do sophisticated analysis and build rich BI applications using Excel or other analysis tools. BI portal has reporting and analysis capabilities that include exception highlighting, guided analysis, and predictive analysis with rich logic. Data Analysts use powerful data management workbench with integrated access to tools for data preparation, cleansing, multi-variate analysis, and a sophisticated set of data mining algorithms with extensibility and tuning options. Data Analysts can easily publish their findings and data sets for access by business users.


Real-time information is available to mission-critical applications, analytics, and reporting systems. Mature governance processes with integrated business rules are consistently applied for centralized data and data loading. EDW, data marts, and supporting storage and infrastructure are centrally managed. EDW serves as the hub that integrates data marts and enables a single view of data and data sets. EDW uses star/snowflake schemas with shared, conformed dimensions to simplify reporting and improve performance. Hardware architecture is balanced to optimize performance. The EDW covers all data from all transactional systems and is optimized for reporting and analysis using business intelligence semantic models (such as OLAP) that further consolidate data. The EDW is primarily fed from departmental data marts, but may be fed directly from key transactional systems to improve data freshness. Master data management of the EDW and data marts is centrally governed, although implementation, operations, and maintenance is still distributed. Data warehouse and data mart resources are explicitly governed. Audit information is available for performance, history, and forensic information. An IT-managed BI environment and applications at the department level are aligned with the enterprise data warehouse (EDW) environment and applications. IT proactively builds, maintains, and manages key reports and analysis models that are used regularly across the business. IT designs, implements, and manages semantic models (such as OLAP) and data schemas optimized for managed and self-service reporting and analysis.

Big Data




Data Management

Data governance with documented, standardized policies and processes are established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas. Metadata and taxonomies are defined, implemented, and formally managed in one or more repositories with more reliance upon policy-based management to ensure proper configuration and adherence to policies. Business has begun to consolidate data, management plans, and policies for consistency across information stores. Adherence to stringent corporate or government regulatory compliance is a top priority. Reports are easily generated and viewed and greatly facilitate compliance audits for protection of data-at-rest and data-in-transit, and compensating controls are available.


A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. Standard service-based application architectures are being rationalized and implemented with appropriate governance. Applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. Applications use web services to communicate across application boundaries. Processes and infrastructure for managing service endpoints, service discovery, and routing of application messages is in place. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems. Components and services are explicitly tagged for reuse. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks. Applications' deployment standards are consistently followed. A consistent platform for running and managing applications is implemented, and applications are designed with consistent approaches to health monitoring. Operations proactively monitors applications and back-end services using a shared thresholds/alerting infrastructure, and a centralized management tool and/or self-service interface is used to manage applications, services, and physical and virtual assets. Application and service monitoring data may be rendered on process performance dashboards. Shared service exists for application caching with a dedicated team optimizing and adding capabilities to help performance and scale. Application performance and scale are typically accounted for in initial application design and implementation, so they are easy to scale and adapt. IT operations is proactive in monitoring applications and performance thresholds, and can adjust performance and scale on demand. For computationally intensive applications, parallel functionality is encapsulated into reusable libraries and components. Message-passing applications operate on large data sets. Standardized, proactive processes exist for parallel development in terms of metrics, quality gates, and automated tooling. Sophisticated scale-up strategies leverage high core count and heterogeneous processors (such as SIMD and GPU). Sophisticated scale-out strategies leverage MapReduce-style computation, data distribution and locality awareness. Service-balanced scheduling is employed for highly interactive workloads.




PHASE DEFINITION

B S R D

Custom Developme

nt



Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Along with IT, business units are becoming suppliers of reusable assets and realize that they can empower their users by connecting services and experience, building upon the assets that the central IT team provides and by creating their own. Creation of LOB extension applications can be accomplished without a lot of custom code and through the assembly of existing components. There is a designated tool for the creation of composite LOB extension in addition to the integration with advanced developer tools. However, other tools continue to exist for different functional purposes like workflow, UI creation, etc.

Enterprise Integration

Applications leverage an application communication infrastructure deployed in operations that is actively managed and has dynamic routing capabilities. Application integrations leverage standard application messaging protocols and infrastructure to connect various applications running on-premises and in the cloud, connecting mission-critical data and transactions across enterprise applications. Centralized data integration strategies and tools are used across the enterprise.




Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. Issue tracking is well integrated with change management. Test-driven development is accepted. Applications are designed for testability, with architectural and layer verification and validation. Agile testing is integrated tightly with agile development. Users and stakeholders are engaged on an ad hoc basis. Unit testing, static analysis, and profiling are used regularly. Virtualized test labs are used regularly. Development and test environments are virtualized, and standard virtualized images of development and test environments exist. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.

Phase 2: APO Continued

MAPPINGCONCEPTUAL

ARCHITECTURETECHNOLOGIESLOGICAL

ARCHITECTURE

PHASE DEFINITION

B S R D

Datacenter Mgt and

Virtualization


Compliance Management Libraries; Compliance Management Libraries 2.0; Data Classification Toolkit; Hyper-V Server 2008/2008 R2; Hyper-V Server 2008 (Mixed OS Virtualization, Branch Office Consolidation, Server Consolidation); Hyper-V Server 2008/2008 R2 Enterprise; Hyper-V Server 2008 R2 (Mixed OS Virtualization, Branch Office Consolidation, Server Consolidation); IT Governance, Risk and Compliance process management pack; IT Governance, Risk and Compliance process management pack 2.0; Microsoft Deployment Toolkit 2010/2012; Microsoft Software Inventory Analyzer 5.0/5.1; Opalis; Security Compliance Management Toolkit; Security Compliance Manager; Security Compliance Manager 2.x; Software Asset Management; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise/Datacenter (Hyper-V); Windows Server 2008 R2 Standard/Enterprise (Hyper-V); Windows Server 2012; Windows Server Update Services 2.0/3.0

Server Security

Forefront Endpoint Protection 2010; Forefront Protection 2010 for SharePoint; Forefront Security for SharePoint; Forefront Threat Management Gateway 2010 (Web antivirus/anti-malware protection, Network Inspection System); Forefront Unified Access Gateway 2010; Intelligent Application Gateway 2007; Internet Security and Acceleration Server 2006 (Multi-Networking); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2008 R2 Enterprise (Windows Firewall, Network Policy and Access Services); Windows Server 2012


Storage

Microsoft Online Backup Service; System Center 2012 Data Protection Manager; System Center 2012 Operations Manager; System Center 2012 Virtual Machine Manager; System Center Data Protection Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Backup and recovery); Windows Server 2008 R2 (Hyper-V) + Hardware pooling; Windows Server 2008 R2 Enterprise (Failover Clustering); Windows Server 2012 (Backup/Recovery, Hyper-V Replica, Cluster, Storage Spaces, Virtual Disks); Windows Storage Server 2008/2008 R2; Windows Storage Server 2008/2008 R2 (Backup and recovery); Windows Storage Server 2008 + Hardware pooling; Windows Storage Server 2008 Enterprise (Failover Clustering); Windows Storage Server 2008 R2 + Hardware pooling; Windows Storage Server 2008 R2 Enterprise (Failover Clustering)

Device Deploymen

t and

Management

Device Mgt & Virtualization Microsoft Deployment Toolkit 2010/2012; Microsoft Desktop Optimization Pack 2011/2011 R2 (Desktop Error Monitoring); Windows Azure; Windows Intune

Device Security

Identity & Security

Services

Identity & Access

Forefront Identity Manager 2010 (Credential Management); Forefront Identity Manager 2010 (Policy Management); Forefront Identity Manager 2010 R2; Hyper-V Server 2008 (Read-Only Domain Controller); Hyper-V Server 2008 R2 (Read-Only Domain Controller); Windows 7; Windows 8; Windows Azure; Windows Azure (Active Directory Access Control); Windows Server 2008 R2 (Group Policy); Windows Server 2008 R2 (Active Directory Domain Services, Read-Only Domain Controller); Windows Server 2008 R2 Enterprise/Datacenter (Active Directory Certificate Services); Windows Server 2012


Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012


Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Hyper-V Server 2008; Hyper-V Server 2008 R2; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Office SharePoint 2007 (Lists); Opalis; PowerShell 2.0; SharePoint 2010 (Lists); System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Visio Professional 2007; Visio Professional 2010; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012


ARCHITECTURELOGICAL



B S R D

Collaboration

Workspaces

Office 2007 (Groove 2007: offline collaborative workspaces); Office 2010 (SharePoint Workspace 2010: offline collaborative workspaces); Office 365 Dedicated (Dedicated is here for Hybrid); Office SharePoint Server 2007 (offline collaborative workspaces); SharePoint Online (access/view documents, client integration, mobile device support); SharePoint Server 2010 (offline collaborative workspaces, Web applications and companions, mobile-device view)

PortalsOffice 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office SharePoint Server 2007 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail); SharePoint Online (site manager); SharePoint Online P1; SharePoint Online P2; SharePoint Server 2010 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail)

Social Computing

Project Mgt

Information access


Messaging

Unified Communic

ations

IM/Presence

Conferencing

Voice

Content Creation

and Manageme

nt

Information Mgt

Process Efficiency


Compliance

Authoring


Interoperability

User Accessibility


ARCHITECTURELOGICAL



B S R D



Data Mining Add-ins for Microsoft Office; Office 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PivotViewer; Power View; PowerPivot; Report Builder; SharePoint 2010 Enterprise (Excel Services, PerformancePoint Services, Visio Services, Activity Feeds); SharePoint 2010 Standard; SharePoint Foundation 2010; SQL Azure; SQL Azure Reporting; SQL Server 2008 R2; SQL Server 2012; SQL Server Analytic Services; SQL Server Reporting Services; Visio 2007; Visio 2010


SQL Server 2008; SQL Server 2008 R2; SQL Server 2008 R2 Data Center; SQL Server 2008 R2 Enterprise; SQL Server 2008 R2 Enterprise (Fast Track, SQL Server Analysis Services, SQL Server Reporting Services); SQL Server 2008 R2 Parallel Data Warehouse; SQL Server 2012; SQL Server 2012 (SQL Server Analysis Services, SQL Server Reporting Service); Visual Studio 11; Visual Studio 2008 (BI Development Studio); Visual Studio 2010

Big Data






.NET Framework; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Internet Information Services (IIS) 6; Internet Information Services (IIS) 7; Internet Information Services (IIS) 8; Office Professional 2010 (Word 2010, Excel 2010, PowerPoint 2010, Visio 2010); Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 R2; SQL Server 2012; System Center 2007; System Center 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Ultimate; Visual Studio Team Foundation Server 2010; Window Server 2008; Windows Azure AppFabric; Windows Communications Foundation (WCF) Services; Windows HPC Server 2008 R2; Windows Server 2008; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V); Windows Server 2012; Windows Server AppFabric; Windows Server AppFabric Cache

Custom Developme

nt



BizTalk ESB Toolkit; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Office Professional 2010 (Access 2010); Office SharePoint Server 2007; Office SharePoint Server 2007 (Business Data Catalog); SharePoint 2010; SharePoint 2010 (Business Connectivity Services); SQL Server 2008 R2; SQL Server 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Windows Server AppFabric

Enterprise Integration.NET Framework; BizTalk ESB Toolkit; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; SQL Azure; SQL Server 2008 R2; SQL Server 2012; System Center 2012; System Center Operations Manager 2007 R2; Visual Studio 11; Visual Studio 2008; Visual Studio 2010 Professional; Windows Azure AppFabric; Windows Server AppFabric




Office Professional 2010; Project 2010; Visual Studio 11; Visual Studio 11 Team Foundation Server; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Ultimate; Visual Studio Team Foundation Server 2010; Visual Studio Test Professional 2010


ARCHITECTURELOGICAL



CONCEPTUAL ARCHITECTUREMAPPING TECHNOLOGIES


PHASE DEFINITION




MAPPING

PHASE DEFINITION

LOGICAL ARCHITECTUREPhase 2

Agenda


Next Steps

Solution Guidance





MAPPING

PHASE DEFINITIONPhase 3



More easily identify when data is ready for review and when decisions can be madePrioritize computational needs based on business needs to analyze the most urgent data firstProvide immediate output during calculations by displaying more information to users at a faster speedEnable transparent access to information through common tools so users have faster access to more information, can analyze information more thoroughly, and can make better-informed decisions



Prioritize and maximize the simulations that are run for each experiment to use minimal time and optimal resourcesAllow researchers to easily query and see large sets of data and transfer relevant data as it is recognizedIntegrate multiple technologies to complete data analysis without data flow problemsProvide mechanisms to restart systems automatically and to initiate failover of broken nodes to ensure better business continuity



MAPPING

PHASE DEFINITIONPhase 3 Continued

Business Driver Needs Business CapabilitiesSPEED RESEARCH

AND DISCOVERYEnable collaboration across groups who use simulation technologyCreate shared workflows to collaborate on models and resultsCreate more realistic models to better understand the physical world

Consolidate and provide access to large volumes of data and results that are produced by model-based analysisEnable administrators to easily measure performance and efficiency and to help detect problems and take corrective actionsEnable computation that allows many simultaneous operations regardless of the underlying technology


EFFICIENCY


Deliver faster simulation results by increasing computing power, while optimizing infrastructure to run simulations and tests more effectivelyActively manage server use to make sure prioritization does not occur until hardware is at full capacityOffer a systematic and secure solution that is deployed from the cloud, integrates with on-premises assets, and gives IT organizations oversight and control of distributed data assetsEnable intelligent monitoring, reporting, and automation of routine and redundant tasks to reduce the level of manual effort requiredMaximize the effectiveness of software licenses through central managementManage user identity and access control for launching and monitoring jobs, and for gaining access to data and results, while improving data securityAllow jobs to be placed more efficiently for their applications' performance characteristics while protecting data from experiments and simulations

B S R D

Datacenter Mgt and

Virtualization


Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Software update management and auditing are policy-driven and monitored, including automated vulnerability detection. Isolation and remediation of vulnerable and non-compliant systems are automated. The IT asset life cycle is automated, and managed using policies, procedures, and tools; management of assets and thresholds are based on automated inventory information. Resource provisioning and deprovisioning occurs dynamically and is elastic. Workloads are relocated dynamically. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Resource pooling supports process and quality improvement programs (Process Excellence, Business Continuity etc.) and agility (real time elasticity, self service automation etc…) strategies. Integrated management across physical and virtual resources and Workloads. Service performance monitoring with automated remediation and centralized view across all SLAs; consolidated view across all management tools. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.

Server Security

Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.


Storage

If a storage node fails, data access transparently fails over with no interruption in availability. Storage is managed and allocated dynamically from a highly available pool of physical space based on capacity required, and within limits set by policy quotas. Critical data across the enterprise is protected continuously by replicating it at a separate location or by using a cloud-based service; data backups can be recovered by using a self-service recovery process.

Device Deploymen

t and

Management

Device Mgt & Virtualization

Software distribution to local and geographically dispersed users is automated. Desktop applications and system events are centrally monitored for critical desktop systems.

Device Security

Identity & Security

Services

Identity & Access

To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable.


Detection of classification and protection of data is supported by technologies and processes for some servers and back-office endpoints; individual users drive data classification. There are technologies and processes for discovery, user-driven classification, and protection of data at select points and for select protocols in the network (for example, at gateways or in e-mail). There are technologies and processes for discovery and protection of data that is created and used at select endpoints; individual users drive data classification. Reporting is predefined for select server and back-office waypoints.


Definitions of reliability for IT services are integrated across IT services and enforceable. IT service issues and design changes are tracked by using formal processes; testing is automated where possible. IT service release processes are uniform across IT services; deployment is automated and offers self service where possible; management reviews each service for readiness to release before deployment. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Monitoring, reporting, and auditing are automated with event correlation, notification of incidents that matter, and remediation for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services, with incident management integration. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. Comprehensive service life cycle orchestration that is automated for some workloads.


B S R D

Collaboration

Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported.

Portals Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services.

Social Computing

Project Mgt

Information access


Messaging

Unified Communic

ations

IM/Presence

Conferencing

Voice

Content Creation

and Manageme

nt

Information Mgt


Compliance

Authoring


Interoperability

User Accessibility


B S R D



Self-service reporting and analysis environment and tools established and maintained by IT. Access to data is decentralized but governed by IT with a well-defined process for stewardship and governance. Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. From the BI portal, users are able to connect to internal and external data sources and combine them in a single report or data set for further analysis. Users can do sophisticated analysis and build rich BI applications using Excel or other analysis tools. BI portal has reporting and analysis capabilities that include exception highlighting, guided analysis, and predictive analysis with rich logic. Dashboards are consistently used to provide operational and strategic views of the business from real time or periodically refreshed data. BI portal experience has rich visualizations, dashboards and scorecards with full data interactivity (slicing, filtering, etc.) consistent with self service reporting and analysis tools. Users have the ability to create unique personal and/or shared views of data that are actually combinations of multiple views (i.e. mashups). Data Analysts use powerful data management workbench with integrated access to tools for data preparation, cleansing, multi-variate analysis, and a sophisticated set of data mining algorithms with extensibility and tuning options. Data Analysts can easily publish their findings and data sets for access by business users.


EDW with integrated self-service BI is offered as a mature service. Provides sophisticated caching, compression, partitioning, indexing, cost-based query optimization, workload management functionality, and in-database analytics. Offers support for MapReduce and Hadoop APIs and uses a petabyte-scale distributed grid architecture.The EDW covers all data from all transactional systems and is optimized for reporting and analysis using business intelligence semantic models (such as OLAP) that further consolidate data. The EDW is primarily fed from departmental data marts, but may be fed directly from key transactional systems to improve data freshness. Master data management of the EDW and data marts is centrally governed, although implementation, operations, and maintenance is still distributed. Data warehouse and data mart resources are explicitly governed. Audit information is available for performance, history, and forensic information. An IT-managed BI environment and applications at the department level are aligned with the enterprise data warehouse (EDW) environment and applications. IT proactively builds, maintains, and manages key reports and analysis models that are used regularly across the business. IT designs, implements, and manages semantic models (such as OLAP) and data schemas optimized for managed and self-service reporting and analysis.

Big Data




Data Management

Data governance with documented, standardized policies and processes are established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas. Enterprise policy exists across a single data store that is federated across systems/boundaries. All data asset and relationship maps are documented and impact analysis is accurate across the entire life cycle and used to approve/reject proposed changes. Adherence to stringent corporate or government regulatory compliance is a top priority. Reports are easily generated and viewed and greatly facilitate compliance audits for protection of data-at-rest and data-in-transit, and compensating controls are available.


A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. Business processes follow a model-driven, dynamic approach. IT manages a SOA-based application infrastructure, comprised of LOB back ends and composite applications that extend them and has complete monitoring of integration scenarios across the cloud and on-premises applications. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks. Applications' deployment standards are consistently followed. A consistent platform for running and managing applications is implemented, and applications are designed with consistent approaches to health monitoring. Operations proactively monitors applications and back-end services using a shared thresholds/alerting infrastructure, and a centralized management tool and/or self-service interface is used to manage applications, services, and physical and virtual assets. Application and service monitoring data may be rendered on process performance dashboards. Shared service exists for application caching with a dedicated team optimizing and adding capabilities to help performance and scale. Application performance and scale are typically accounted for in initial application design and implementation, so they are easy to scale and adapt. IT operations is proactive in monitoring applications and performance thresholds, and can adjust performance and scale on demand. Uniform resource brokering and seamless workload distribution is in place for computationally intensive workloads across workstations, high performance computing clusters, and cloud environments. A highly integrated development process is in use with processes and tools to support collaborative development of parallel code, leveraging the cloud for massive, data-intensive calculations, and composing complex mathematical libraries and models in performance-sensitive software. Meta-scheduling across multiple clusters enables transparent sharing of resources in an efficient fashion.

Custom Developme

nt



Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Along with IT, business units are becoming suppliers of reusable assets and realize that they can empower their users by connecting services and experience, building upon the assets that the central IT team provides and by creating their own. Creation of LOB extension applications can be accomplished without a lot of custom code and through the assembly of existing components. There is a designated tool for the creation of composite LOB extension in addition to the integration with advanced developer tools. However, other tools continue to exist for different functional purposes like workflow, UI creation, etc.

Enterprise IntegrationApplications leverage an application communication infrastructure deployed in operations that is actively managed and has dynamic routing capabilities. Application integrations leverage standard application messaging protocols and infrastructure to connect various applications running on-premises and in the cloud, connecting mission-critical data and transactions across enterprise applications. Centralized data integration strategies and tools are used across the enterprise.




Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. Issue tracking is well integrated with change management. Test-driven development is accepted. Applications are designed for testability, with architectural and layer verification and validation. Agile testing is integrated tightly with agile development. Users and stakeholders are engaged on an ad hoc basis. Unit testing, static analysis, and profiling are used regularly. Virtualized test labs are used regularly. Development and test environments are virtualized, and standard virtualized images of development and test environments exist. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.




PHASE DEFINITION

B S R D

Datacenter Mgt and

Virtualization


Compliance Management Libraries; Compliance Management Libraries 2.0; Data Classification Toolkit; Hyper-V Server 2008/2008 R2; Hyper-V Server 2008 (Mixed OS Virtualization, Branch Office Consolidation, Server Consolidation); Hyper-V Server 2008 Enterprise; Hyper-V Server 2008 R2 (Mixed OS Virtualization, Branch Office Consolidation, Server Consolidation); Hyper-V Server 2008 R2 Enterprise; IT Governance, Risk and Compliance process management pack; IT Governance, Risk and Compliance process management pack 2.0; Microsoft Deployment Toolkit 2010/2012; Microsoft Software Inventory Analyzer 5.0/5.1; Opalis; Security Compliance Management Toolkit; Security Compliance Manager; Security Compliance Manager 2.x; Software Asset Management; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise/Datacenter; Windows Server 2008 R2 Enterprise/Datacenter (Hyper-V); Windows Server 2008 R2 Standard/Enterprise (Hyper-V); Windows Server 2012; Windows Server Update Services 2.0/3.0

Server Security

Forefront Endpoint Protection 2010; Forefront Protection 2010 for SharePoint; Forefront Security for SharePoint; Forefront Threat Management Gateway 2010 (Web antivirus/anti-malware protection, Network Inspection System); Forefront Unified Access Gateway 2010; Intelligent Application Gateway 2007; Internet Security and Acceleration Server 2006 (Multi-Networking); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2008 R2 Enterprise (Windows Firewall, Network Policy and Access Services); Windows Server 2012


Storage

Microsoft Online Backup Service; System Center 2012 Data Protection Manager; System Center 2012 Operations Manager; System Center 2012 Virtual Machine Manager; System Center Data Protection Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Backup and recovery); Windows Server 2008 R2 (Hyper-V) + Hardware pooling; Windows Server 2008 R2 Enterprise (Failover Clustering); Windows Server 2012 (Backup/Recovery, Hyper-V Replica, Cluster, Storage Spaces, Virtual Disks); Windows Storage Server 2008; Windows Storage Server 2008 (Backup and recovery); Windows Storage Server 2008 + Hardware pooling; Windows Storage Server 2008 Enterprise (Failover Clustering); Windows Storage Server 2008 R2; Windows Storage Server 2008 R2 (Backup and recovery); Windows Storage Server 2008 R2 + Hardware pooling; Windows Storage Server 2008 R2 Enterprise (Failover Clustering)

Device Deploymen

t and

Management

Device Mgt & Virtualization Microsoft Deployment Toolkit 2010/2012; Microsoft Desktop Optimization Pack 2011/2011 R2 (Desktop Error Monitoring); Windows Azure; Windows Intune

Device Security

Identity & Security

Services

Identity & Access

Forefront Identity Manager 2010 (Credential Management, Policy Management); Forefront Identity Manager 2010 R2; Hyper-V Server 2008/2008 R2 (Read-Only Domain Controller); Windows 7/8; Windows Azure; Windows Azure (Active Directory Access Control); Windows Server 2008 R2 (Active Directory Domain Services, Group Policy, Read-Only Domain Controller); Windows Server 2008 R2 Enterprise/Datacenter (Active Directory Certificate Services); Windows Server 2012


Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012


Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Hyper-V Server 2008/2008 R2; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Office SharePoint 2007 (Lists); Opalis; PowerShell 2.0; SharePoint 2010 (Lists); System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Visio Professional 2007; Visio Professional 2010; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012


ARCHITECTURELOGICAL

ARCHITECTURE

MAPPINGPHASE


B S R D

Collaboration

Workspaces

Office 2007 (Groove 2007: offline collaborative workspaces); Office 2010 (SharePoint Workspace 2010: offline collaborative workspaces); Office 365 Dedicated (Dedicated is here for Hybrid); Office SharePoint Server 2007 (offline collaborative workspaces); SharePoint Online (access/view documents, client integration, mobile device support); SharePoint Server 2010 (offline collaborative workspaces, Web applications and companions, mobile-device view)

PortalsOffice 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office SharePoint Server 2007 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail); SharePoint Online (site manager); SharePoint Online P1; SharePoint Online P2; SharePoint Server 2010 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail)

Social Computing

Project Mgt

Information access


Messaging

Unified Communic

ations

IM/Presence

Conferencing

Voice

Content Creation

and Manageme

nt

Information Mgt

Process Efficiency


Compliance

Authoring


Interoperability

User Accessibility


ARCHITECTURELOGICAL

ARCHITECTURE

MAPPINGPHASE


B S R D



Data Mining Add-ins for Microsoft Office; Office 365 E1; Office 365 E2; Office 365 E3; Office 365 E4; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PivotViewer; Power View; PowerPivot; Report Builder; SharePoint 2010 Enterprise (Activity Feeds, Visio Services); SharePoint 2010 Enterprise (Insights, Excel Services, PerformancePoint Services); SharePoint 2010 Standard; SharePoint Foundation 2010; SharePoint Online (Insights, Excel Services, Visio Services); SQL Azure; SQL Azure Reporting; SQL Server 2008 R2; SQL Server 2012; SQL Server Analytic Services; SQL Server Reporting Services; Visio 2007; Visio 2010


Hadoop Connector for SQL Server Parallel Data Warehouse; HP Enterprise Data Warehouse Appliance; SQL Server 2008; SQL Server 2008 R2; SQL Server 2008 R2 Data Center; SQL Server 2008 R2 Enterprise; SQL Server 2008 R2 Enterprise (Fast Track, SQL Server Analysis Services, SQL Server Reporting Services); SQL Server 2008 R2 Parallel Data Warehouse (PDW); SQL Server 2012; SQL Server 2012 (SQL Server Analysis Services, SQL Server Reporting Service); Visual Studio 11; Visual Studio 2008 (BI Development Studio); Visual Studio 2010

Big Data






.NET Framework; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Internet Information Services (IIS) 6; Internet Information Services (IIS) 7; Internet Information Services (IIS) 8; Office PerformancePoint Server; Office Professional 2010 (Word 2010, Excel 2010, PowerPoint 2010, Visio 2010); Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 R2; SQL Server 2012; System Center 2007; System Center 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Ultimate; Visual Studio Team Foundation Server 2010; Window Server 2008; Windows Azure AppFabric; Windows Communications Foundation (WCF) Services; Windows HPC Server 2008 R2; Windows Server 2008; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V); Windows Server 2012; Windows Server AppFabric; Windows Server AppFabric Cache

Custom Developme

nt



BizTalk ESB Toolkit; BizTalk Server 2006 R2; BizTalk Server 2009; BizTalk Server 2010; Office Professional 2010 (Access 2010); Office SharePoint Server 2007; Office SharePoint Server 2007 (Business Data Catalog); SharePoint 2010; SharePoint 2010 (Business Connectivity Services); SQL Server 2008 R2; SQL Server 2012; Visual Studio 11; Visual Studio 2008; Visual Studio 2010; Windows Server AppFabric

Enterprise Integration .NET Framework; BizTalk ESB Toolkit; BizTalk Server 2009; BizTalk Server 2010; SQL Azure; SQL Server 2008 R2; SQL Server 2012; System Center 2012; System Center Operations Manager 2007 R2; Visual Studio 11; Visual Studio 2010 Professional; Windows Azure AppFabric; Windows Server AppFabric




Office Professional 2010; Project 2010; Visual Studio 11; Visual Studio 11 Team Foundation Server; Visual Studio 2008; Visual Studio 2010; Visual Studio 2010 Ultimate; Visual Studio Team Foundation Server 2010; Visual Studio Test Professional 2010


ARCHITECTURELOGICAL

ARCHITECTURE

MAPPINGPHASE


CONCEPTUAL ARCHITECTURE

MAPPING TECHNOLOGIES


PHASE DEFINITION




MAPPING

PHASE DEFINITION

LOGICAL ARCHITECTUREPhase 3

Agenda


Next Steps

Solution Guidance



Example: Steps to Customize the Solution

Identify your top-priority business drivers

Identify the business capabilities in the Capability Discussion Guide that match your priorities (see below)

Choose the phase (Phase 1, Phase 2, or Phase 3) that corresponds to your priorities

Add, remove, or adjust capabilities

Customize the pre-defined solutions (Phase 1, Phase 2, or Phase 3) by doing the following:

Understand your priorities

Choose a starting point

Adjust the mapping

Example Solution Area: Phase 1 B S R D

Datacenter Mgt and

Virtualization


Deployment and management of software updates are tool based. The organization actively uses virtualization to consolidate resources for production workloads. Some production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. Services are available during server failure (for example, server clustering, hot spares, and virtualization recovery solution).

Server Security

Protection against malware is centrally managed across server operating systems within organizations, including the host firewall. Protection for select mainstream/non-custom applications and services (such as email, collaboration and portal applications, and instant messaging), if available, is centrally managed. Integrated perimeter firewall, IPS, web security, gateway antivirus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across data center, application, organization, and cloud boundaries. Remote access is secure, standardized, and available to end users across the organization.

Networking Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and include support for automatic configuration. Network quality of service (basic prioritization of applications and services) is standard, with manual allocation of available bandwidth. IPv4 is present for main transport services, using IPv6 for some transport services (for example, to achieve a larger address range).

Storage If a single disk or system component fails, no data is lost but data availability may be interrupted. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements.

Device Deploymen

t and Manageme

nt

Device Mgt & Virtualization ? Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices. Mobile phones are used

for over-the-air synchronization with email, calendar, and contacts.

Device Security Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process.

Identity & Security

Services

Identity & Access ?

To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods and machines; access control is role-based. Password policies are set within a directory service to enable single sign-on across boundaries for most applications. Password resets occur through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories.

Information Protection & Control Persistent information protection exists within the trusted network to enforce policy across key sensitive data (such as documents and email); policy

templates are used to standardize rights and control access to information.


IT policies are documented for each IT service. Each IT service has a process to manage bug handling and design changes; IT services are tested according to defined test plans based on specifications. IT service release and deployment processes are formally defined and consistently followed. Each IT service provides service-level and operational-level agreements. Processes to manage incidents are in place for each IT service. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Problem management processes are in place for each IT service, with self-service access to knowledge base. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service.

Example: Customized Solution Requirements

Example: Tips to Customize the Solution

Server Security helps protect and secure the server infrastructure at the data center from viruses, spam, malware, and other intrusions.

Consider using an alternate maturity level that corresponds to your requirements

Identify, document, and discuss how a capability may be relevant

Keep a capability if you are unsure whether you need it

Agenda


Next Steps

Solution Guidance



Engagement Approach

Audience

Solution road map

Solution areas Industry Horizontal

Business strategy

Integrated Capability Analysis => Projects, architecture, products

1. Present relevant integrated capabilities

2. Position the Integrated Enterprise Platform approach

Busi

ness

exe

cuti

ves

1. Understand business needs and priorities

2. Discuss range of potential solution capabilities

ITexe

cuti

ves

Arc

hit

ect

s IT

pro

/dev

exe

cuti

ves

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing

market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Documents

High-Performance Computing Solution Implementer Guide