Optimizing your Server Infrastructuredownload.microsoft.com/documents/uk/business/peopleready/... · 2018-12-05 · Optimizing your server infrastructure | 007 | The financial impact

Best practices to rightsize and simplify your enterprise server infrastructure

Optimizing your Server Infrastructure


� | �007 | Optimizing your server infrastructure

Introduction:

Enterprises worldwide are embracing a digital work style to stay competitive in a dynamic and increasingly global business environment. This work style requires that teams collaborate seamlessly across organizations and time zones, while success relies on speed, mobility and connectivity.

These trends place ever-increasing pressure on IT departments to provide rich, connected capabilities across the infrastructure, while protecting both the environment and its confidential data from intrusion and disruption. The explosion of social networks and communication devices, and the exponential growth of information stored, accessed and shared create an environment where compliance is daunting, security is threatened and complexity becomes overwhelming.

Implications for the enterprise server infrastructure are far-ranging (see box for definitions). The need to en-able key services such as faster information processing, streaming media, web serving and online transactions is fueling the demand for server power and speed. Looking to meet this demand in a cost-effective manner, businesses are rapidly building complex networks of interconnected servers and clustered “standard” systems, often distributed across several geographies. This highly complex, distributed server infrastructure is often costly, difficult to manage and secure and prevents effective execution of compliance policies.

Server infrastructure optimization

According to IDC, CIOs are under “tremendous pressure to reduce IT costs while improving services to the business.1” However, overburdened with the complexity of daily operations, IT Managers face a difficult challenge: That is, how to meet the business demands for speed and power while, at the same time, simplify IT operations and reduce costs? Facing this challenge requires a shift of mindset from solving pressing problems with point solutions to gradually optimizing the server infrastructure as a whole to stimulate long-term and sustainable business growth.

A server optimization strategy delivers value to the organization in three ways:

Control Costs Enhance Security and Compliance Drive AgilitySimplify, automate and centralize IT

operations to optimize resource utilization

Ensure business continuity by enhancing infrastructure security and compliance

Adapt IT infrastructure rapidly according to business needs

Centralize server managementMaximize resource utilizationAutomate repetitive tasks

●●●

Integrate management and securityStrengthen access securityEnhance compliance

●●●

Expedite deploymentIntegrate legacy systemsEnhance disaster recovery

●●●

Server Infrastructure defined:

In this paper, the term “server infrastructure” includes all enterprise servers, commonly divided as follows:

Datacenter servers : Typically rack-mounted line-of-business and mission critical servers located at the datacenter (approximately 50% of all enterprise servers)

Departmental servers: Servers dedicated to the web, mail, security, ecommerce, and file and print functions scattered through the enterprise HQ (approximately 25% of all enterprise servers)

Remote site servers: Servers located at branches and remote locations (approximately �5% of all enterprise servers)

Remote site servers are covered in more detail in the following related document:

Remote Infrastructure Optimization (link to document)

●

●

●

1Optimizing Infrastructure: The Relationship Between IT Labor Costs and Best Practices for Systems Management Server, IDC, January 2007


Optimizing your server infrastructure | �007 | �

The financial impact of moving from Basic to Dynamic is significant. IDC conducted a study focused on desktop infrastruc-ture with over �00 IT departments in the fall of �006, benchmarking IT costs, service levels and “agility”. This study found that higher levels of IT maturity resulted in savings of up to 80% in IT labor with notable improvements in service levels and application deployment speed. Recent customer cases also indicate significant gains from server infrastructure optimization (see table below)

Basic Standardized Rationalized Dynamic

Uncoordinated, manual

Infrastructure

Managed IT in-frastructure with limited automa-tion and knowl-

edge capture

Managed and consolidated IT infrastructure with extensive automation;

knowledge cap-tured and resued

Fully automated management,

dynamic resource usage, business

linked SLAs; knowledge capture automated and use

automated

Cost Center Efficient Cost Center Business Enabler Strategic Asset

Leveraging Microsoft’s Infrastructure Optimization (IO) model

Microsoft’s IO Model helps enterprises understand the current state of their IT infrastructure and devise a roadmap for their business to increase agility. By categorizing different aspects of the infrastructure as one of the four levels of Microsoft IO Model (see diagram to the right), Microsoft identifies for the enterprise the strategic value and business benefits in mov-ing from a “basic” level of maturity (where the IT infrastructure is generally considered a “cost center”) towards a more “dynamic” one when the business value of the IT infrastructure is clearly understood and the IT infrastructure is viewed as a strategic business asset and business enabler.

1 Deploy End-to-End Server Management Tools

� Implement Defense-in-Depth Security

� Enable Comprehensive Disaster Recovery Capabilities

4 Deploy Enterprise-Wide Identity Management

5 Consolidate Servers through Virtualization

Combined with the right software tools, well-defined policies and documented processes, these best practices will help you achieve a well-managed, secure server infrastructure and streamline the efforts to maintain it.

Best practices for server infrastructure optimization

This paper highlights five best practices and related IT projects for server infrastructure optimization and highlights how can Microsoft help organizations in implementing these best practices. The best practices are:

Cut downtime on key IT services by more than 20%Example: SOK Group expects to cut downtime of its e-mail infrastructure by �0 to �0 percent.

Reduce administrative overhead by more than 40%Example: Tyco estimates they will save 45 percent of the cost of managing its environment.

Save more than 60% on IT costsExample: Carnival Cruise Lines consolidated configuration groups by 67%


4 | �007 | Optimizing your server infrastructure

The server management challenge

The ever-growing demand for speed, power and func-tionality is driving businesses to add hundreds and even thousands of servers annually to their already complex IT environments. Large clusters of industry-standard servers are hastily built-in alongside legacy systems and, often, the speed of these additions outpaces the ability of IT profes-sionals to implement the necessary system management and monitoring tools. The result is a costly and time con-suming server operation that relies on disparate, “bolt-on” management solutions and manual intervention for most IT tasks. In fact, recent studies indicate that companies spend close to 70 percent or more of their IT budgets just on maintaining their existing infrastructure, which leaves �0 percent or less to invest in new strategic IT opportunities.

In summary, critical challenges IT Professionals face in server management are:

Manage large-scale, complex server networks: The trend toward commodity-based environments is accelerating alongside the move toward more dense computing through the implementation of rack and blade architecture solutions

Integrate disparate server management tools: As server infrastructures grow over time, most IT organi-zations respond by deploying a succession of redun-dant, point-solution tools. According to Gartner, the result is “systems management infrastructure can be time consuming and labor intensive to operate”

Reduction of repetitive administrative tasks: Over 70 percent of today’s administration tasks are either completely manual or script driven, and those that are automated tend to be unique to a particular application.

●

●

●

I. Deploy End-to-End Server Management Tools

Improveservicelevelsbymaximizingcontrolofyourserverinfrastructure

System COmplexity

System Predictability

Server Security

Business Agility

Simplifying server application deployment: Deploy-ment of a distributed application is a manual process that is coordinated among multiple people and is closely coupled to hardware that is purchased specifi-cally for an application.

●

“44% of IT Managers consider centralization of IT management a key business priority in 2007” Information Week, Technology Outlook: IT Priorities for 2007

Leveraging the IO model to improve server infrastructure management

Deploying end-to-end server management tools is a criti-cal steps towards a more dynamic IT infrastructure. Micro-soft’s Core IO model identify many possible projects that can help in this progression. Examples of these projects by maturity level are presented in the figure below. To deter-mine the level of maturity of your infrastructure contact your Microsoft representative. Also, more information can be found at: www.microsoft.com/io

Optimize server management with Microsoft technologies

Microsoft offers a family of solutions that simplify server management by sharing a common infrastructure and re-porting platform (see final section of this paper for details). With these solutions integrated your IT organization can:

Easily centralize management of large-scale server networks:

Monitor and manage large-scale server networks easily with tiered views of tens of thousands of servers

Simplify and automate large-scale server software deployments with comprehensive tools to plan, test, deploy, analyze and optimize server software

●

●


Optimizing your server infrastructure | �007 | 5

Enable monitoring of system performance, security and access in a single console through current, uni-fied views of the server network

Accelerate diagnosis and response via expert information from a centralized system management solution

Reduce Repetitive Tasks:

Automate health monitoring, reduce error noise, isolate processes, improve diagnostics, and act on alerts with best for Windows management pack knowledge and improved capabilities

Deploy applications, OS, security technologies to servers (and clients) with the right configuration, updates, and patches, through policy-based automated software inventory and distribution

Maintain up-to-date inventory with visibility of connected devices

Automate the entire lifecycle of user identities and their associated credentials across multiple enter-

●

●

●

●

●

●

prise systems and line of business applications. Create and maintain standard configurations for your server environment

Prevent Disruptions Proactively:

Optimize performance by monitoring application health

Ensure continuous operation of your systems man-agement capability using integrated failover tech-nology using management packs

Protect servers by continuously capturing data changes with application-aware agents, for one-click lossless application recovery

Since the Microsoft suite of server management and security tools are built upon a common infrastructure, the complexity of deployment, reporting, and integration is greatly reduced. IT staff find that a significant portion of their time previously spent on repetitive, administrative tasks can be re-allocated to more strategic activities.

●

●

●

IT Management Scenario: Application Security Patch

Connie, an IT administrator for a 1,500 seat call center, just received notice that a key application used across the com-pany has a critical security vulnerability. A patch has just been released by the application developer, and fortunately none of his PCs have been effected.

Prior to deploying Systems Center Operations Manager, Connie would have had to manually get the patch out to every user—either desk to desk, or by relying on individuals to download the patch on their own. Furthermore, the list of users who were approved to use specific line-of-business applications, such as the one currently experiencing the vulnerability, was often out-of-date. Hence, she could never confidently know that the security vulnerability was completely closed.

With Systems Center Operations Manager now deployed in her company’s server infrastructure, Connie simply sched-ules the patch to go out using one management console to all of the PCs designated to run this application. With this tool, she is able to load balance the distribution of the code and plan it for off-peak network use. Since Connie is able to leverage Active Directory, she is confident that all current users of this line-of-business application get the patch update on-time.

Within hours, the vulnerability is closed, and Connie has the confidence that each PC that needs the patch has received it. All with just a few clicks of the mouse!



www.tycohealthcare.com

Customer Size: 4�,000 employees

Organization Profile: Tyco Healthcare, a major business segment of Tyco International Ltd., manufactures, distributes, and services an extensive line of products found in virtually every healthcare setting. The company is based in Mansfield, Mass.

Business Situation: Tyco Healthcare wanted in-depth informa-tion about the performance of its 1,500 servers in order to boost effectiveness, reduce costs, and support growth—critical informa-tion it wasn’t getting from its monitoring software.

Business Solution

With Microsoft System Center Operations Manager and Windows Server �00� R� Enterprise Edition, Tyco Healthcare was able to manage its infrastructure of 1,500 with only 15 Systems Center Operations Manager �007 servers, institute service-level agree-ments, redeploy resources more effectively, and save 45 percent over the cost of its previous solution. Additionally, Tyco Health-

care believes the Microsoft solution is scalable enough to support an anticipated doubling of the Tyco Healthcare infrastructure to �,000 servers over the next seven years—without needing to add a single monitoring server

Benefits:

• Lowers operations management costs by 45%• Reduces response time • Improves enterprise view • Delivers high performance • Improves resource allocation“We didn’t know what information we weren’t getting from our line of business applications and back end servers. Now we know what information we should be getting—and we get it … and we save 45% over the cost of our previous server management solution.”

Joseph Davis Project Manager, Tyco Healthcare

Case Study: Tyco Gains Global Management View, Cuts Operations Management Costs 45 Percent, with Monitoring Solution



www.tycohealthcare.com

Customer Size: 4�,000 employees

Organization Profile: Tyco Healthcare, a major business segment of Tyco International Ltd., manufactures, distributes, and services an extensive line of products found in virtually every healthcare setting. The company is based in Mansfield, Mass.

Business Situation: Tyco Healthcare wanted in-depth informa-tion about the performance of its 1,500 servers in order to boost effectiveness, reduce costs, and support growth—critical informa-tion it wasn’t getting from its monitoring software.

Business Solution

With Microsoft System Center Operations Manager and Windows Server �00� R� Enterprise Edition, Tyco Healthcare was able to manage its infrastructure of 1,500 with only 15 Systems Center Operations Manager �007 servers, institute service-level agree-ments, redeploy resources more effectively, and save 45 percent over the cost of its previous solution. Additionally, Tyco Health-

care believes the Microsoft solution is scalable enough to support an anticipated doubling of the Tyco Healthcare infrastructure to �,000 servers over the next seven years—without needing to add a single monitoring server

Benefits:

• Lowers operations management costs by 45%• Reduces response time • Improves enterprise view • Delivers high performance • Improves resource allocation“We didn’t know what information we weren’t getting from our line of business applications and back end servers. Now we know what information we should be getting—and we get it … and we save 45% over the cost of our previous server management solution.”

Joseph Davis Project Manager, Tyco Healthcare

Case Study: Tyco Gains Global Management View, Cuts Operations Management Costs 45 Percent, with Monitoring Solution

The enterprise work force is becoming more mobile and collaborative. Workers have complex access requirements to individual, team, corporate, and partner data. They need to access and share this data both locally and remotely, sometimes from unsecured locations and devices. Instant messaging, e-mail, remote access, and Internet access are business-critical tools, so any service interruptions are det-rimental to productivity.

However, providing the necessary messaging and col-laboration infrastructure increases security needs. The four major threats are:

Malware: Today, many viruses and worms are de-signed to rapidly infect millions of computer systems across the world using the Internet, e-mail, and instant messaging.

Spam: Businesses are being overwhelmed with unso-licited e-mail that is sapping network resources and flooding e-mail inboxes. Spam is not only a threat to

●

●

MalwareVulnerability

Up-to-dateserver

protection throughout the network

Security state

visibility

II. Implement Defense-In-Depth Security

Protectyourmessagingandcollaborationinfrastructure

End-userdowntime

corporate productivity, but it has become a common carrier for malicious code. As a result, the messaging infrastructure is a critical focal point for businesses in the fight against malicious software

Unauthorized Network Access: Security procedures and policies that are adequate to protect LAN data can be ineffective when the network is opened to outsiders for messaging and collaboration. In addition, hackers are now using more sophisticated application-layer attacks.

Unauthorized Data Access: Businesses are increasing-ly concerned with sensitive information leaking outside of the business through the messaging and collabora-tion infrastructure.

Many companies are successfully adopting a “Defense-in-Depth” approach to protecting their IT (and server) infrastructure. This approach requires the use of multiple security technologies at multiple points in the network to help reduce the overall probability that attacks can exploit business-critical resources. To create the necessary de-fenses, businesses can protect themselves at three points in the infrastructure: the network edge, on servers, and with the information itself. The network edge plays two roles; to secure access and to protect the network from internal and external threats.

Secure Access: Messaging and collaboration defenses must stop unauthorized access to the network, ap-plications, and corporate data. This layer of protection must secure access to internal servers against all kinds of malicious access.

Edge Protection: Antivirus and anti-spam protections should both be applied either off-network via hosted

●

●

●

●

Information

Server

Edge

Secured access

Defense-in-depth approach relies on multiple layers of security



services or at the network edge. This layer of preven-tion not only helps keep viruses and spam from reach-ing end users, it also significantly reduces the overall traffic flowing to e-mail servers.

Server Protection: Security threats can attack from both inside and outside the network as well as through authorized computers. For example, an employee can unintentionally copy a virus infected file to a machine on a secure network from a USB key.

Information Protection: Protecting digital informa-tion is a difficult and ongoing task. Typically, businesses secure digital information by using perimeter-based security methods. Firewalls can limit access to the network, and Access Control Lists can restrict access to specific data.

Information protection that travels with the data to aug-ment access control lists and firewalls.

Security solutions need to be reliable and manageable to provide any level of protection. The integration of secu-rity and management tools is one of the most important ways to ensure that security solutions perform optimally. Perhaps most critical to IT staff, integration enables easier management of security systems. With integrated systems, IT administrators can configure, deploy, update, report and monitor from fewer consoles.

Leverage the Core IO Model to achieve integrated server infrastructure security:

The Core Infrastructure Optimization model provides step-by-step guidance to organizations as they implement an integrated security strategy for their server infrastructure. By implementing the series of projects shown in the figure below IT departments can continuously advance the matu-rity of their enterprise’s server security.

Implement Defense-In-Depth security with Microsoft technologies:

Microsoft offers a family of integrated security solutions (see last section of this paper) that help customers secure and manage their server infrastructure through a common platform. With these solutions, your IT organization can:

●

●

Prevent Disruptions Proactively:

Comprehensively protect your infrastructure from malware and improve reliability, with integratedspecific protection for messaging and collaboration servers

Leverage cutting-edge security updates from a world-class team of security and malware experts, comprising the reliability from the research teams of six leading security software firms

Control access by role and job level based on Active Directory users and groups

Deploy and manage application-specific filters throughout the network, as well technologies that ensure the confidentiality and authenticity of valuable data with Forefront

Integrate security and management tools:

Leverage integrated security and management tools to monitor “defense-in-depth” security technologies while a centralized configuration management tool deploys malware protection software and updates. Deployment is enhanced by active directory capabilities.

Easily remediate common configuration errors which compromise security

Protect Windows servers by continuously capturing data changes with application-aware agents, for one-click lossless application recovery

Accelerate diagnosis and response via expert informa-tion from Microsoft management tools

Use a centralized virtual machine manager to centrally and virtually manage your infrastructure and allows both administrators and end users to rapidly provision new virtual machines in the event of security threat

Enable Secure Remote Access:

Allow only secure and authorized access to networks and applications via an end-to-end solution across network perimeter protection, strong authentication and identity management

Allow external entities to access internal resources securely without needing to manage their identities.

●

●

●

●

●

●

●

●

●

●

●

Case Study: SOK Group - Top Russian Manufacturer Cuts Downtime 20 to 30 Percent with Security Solution

www.sok.ru

Customer Size: 60,000 employees

Organization Profile:

SOK Group, based in Samara, Russia, is one of the biggest manag-ing companies in that country, controlling more than 40 compa-nies engaged in industry, trade and services.

Business Situation: SOK Group, one of Russia’s largest manufac-turers, relied on a third-party product to protect its central e-mail infrastructure. But the single scan engine in that product some-times allowed new viruses to slip through.

Business Solution: SOK Group upgraded to Microsoft® Exchange Server 2007, it also migrated to Microsoft® Forefront™ Security for Exchange Server. As a result, SOK expects to cut downtime by 20 to 30 percent.

Benefits:

Cut the downtime of its e-mail infrastructure by �0 to �0 percentUse five scan engines simultaneously in Forefront Security for Exchange Server, compared to the single scan engine in its previous security productEasier and more cost-effective management of e-mail security

We’ve seen the problems that come with just a single scan engine and we don’t want to see them anymore. Forefront Security for Exchange Server simply gives us a higher level of protection. Given the mission-critical nature of our e-mail system, that’s very impor-tant.

Petr Grachev Chief Information Officer SOK Group

●

●

●


Optimizing your server infrastructure | �007 | �

IT Management Scenario: Communications Security Capabilities

Jorge is an IT administrator for a 5,000 seat enterprise. One of Jorge’s main tasks is to oversee the health and per-formance of the company’s communications servers. Recently, the company wanted to reduce the risk of liability and instituted a new corporate policy prohibiting the sharing of pirated music files and emails with offensive lan-guage. The head of Human Resources asked Jorge if there was a way that IT could assist in complying with this new policy.

Jorge thought his company could benefit from Forefront for Exchange Server. In addition to thwarting viruses and other malware, this communications security solution has features that allow companies to specify the types or characteristics of files are to be blocked – for example, Jorge could choose to block password-protected, .bat, and .exe files. This way, these undesired files are stopped from even entering into the corporate mail store, providing an additional layer of protection to the communications infrastructure.

Monitoring security alerts was simple: Jorge was able to use his existing server management tool, System Center Operations Manager, to manage any security alerts from Forefront for Exchange since the tools integrate easily due to their common infrastructure.

Case Study: SOK Group - Top Russian Manufacturer Cuts Downtime 20 to 30 Percent with Security Solution

www.sok.ru


Organization Profile:

SOK Group, based in Samara, Russia, is one of the biggest manag-ing companies in that country, controlling more than 40 compa-nies engaged in industry, trade and services.

Business Situation: SOK Group, one of Russia’s largest manufac-turers, relied on a third-party product to protect its central e-mail infrastructure. But the single scan engine in that product some-times allowed new viruses to slip through.

Business Solution: SOK Group upgraded to Microsoft® Exchange Server 2007, it also migrated to Microsoft® Forefront™ Security for Exchange Server. As a result, SOK expects to cut downtime by 20 to 30 percent.

Benefits:

Cut the downtime of its e-mail infrastructure by �0 to �0 percentUse five scan engines simultaneously in Forefront Security for Exchange Server, compared to the single scan engine in its previous security productEasier and more cost-effective management of e-mail security

We’ve seen the problems that come with just a single scan engine and we don’t want to see them anymore. Forefront Security for Exchange Server simply gives us a higher level of protection. Given the mission-critical nature of our e-mail system, that’s very impor-tant.

Petr Grachev Chief Information Officer SOK Group

●

●

●



III. Enable Comprehensive Disaster Recovery Capabilities

Improvedisasterrecoveryandpreventioncapabilitieswithserver-basedsystemhealthmonitoringandback-up

The disaster recovery challenge:

Disruptions to IT capabilities are an inevitable and high-impact fact of life. The U.S. Department of Commerce recently stated that from �00� to �006, more than sixteen weather-related disasters caused more than US$1 billion worth of damages. The ability of IT to restore data avail-ability quickly in the event of such business continuity disruptions has a real, bottom-line impact on the busi-ness: Microsoft research estimates that IT organizations spend 60-150 hours annually or $�,�00 per user in terms of downtime and restoration.� Speed is truly of the essence for IT to provide the level of disaster recovery demanded by the business and regulatory compliance.

The demand for access to electronically stored, mission-critical data in today’s connected business world continues to grow. The advent of a mobile and geographically dis-perse enterprise has made server networks more complex for IT organizations not only to monitor but also in terms of providing reliable data recovery. Furthermore, new com-pliance regulations such as Sarbanes-Oxley dictate that IT organizations dictate that companies have reliable back-up technologies and procedures in place.

The most crucial challenges facing IT Professionals in disaster recovery are:

Prompt detection of disruptions: The quicker disrup-tions to an organization’s server network are identified and remediated, the better – Forrester has estimated that “A single, significant breach may run into millions or even billions of dollars”�

●

MalwareVulnerability

Problem Identification/

Response Capabilities

End-user Productivity

SystemRecovery

Time

Seamless restoration of data and applications: An agile business relies upon access to the enterprise’s valuable data and applications, even in the event of disruptions to the server network. Gartner cites “high availability and recovery from disasters” as one of the top six issues for server management.4

Automated, scalable file backup and restore ca-pabilities: the growing complexity of today’s server network has made it unrealistic for IT to continue to rely upon tape-based backup technology. Automated disk-based backup and restore technologies not only reduce the amount of manual IT tasks, but also provide far superior level of near-continuous data protection.

IT’s reliance upon manual, distributed tape-based back-up are not only cost-prohibitive, but insufficient in terms of providing near-continuous data restoration that the business needs. In order to deliver the level of business continuity across the entire enterprise, IT needs automated, centralized disaster recovery solutions that minimize the costs associated with manual tasks and also provide faster response times.

Leveraging the IO Model to enable comprehensive disaster recovery capabilities:

Microsoft’s IO model provides a path that can be used by IT Managers to gradually improve the disaster recovery ca-pabilities of their IT infrastructure while meeting demands of business continuity. The figure below provides a list of possible disaster recovery projects by maturity level (Basic to Dynamic).

●

●

� Microsoft research� Calculating The Cost Of A Security Breach, Forrester, April �0074 Key Issues for Servers 2007, Gartner, March �007



To determine the level of maturity of your infrastructure contact your Microsoft representative. Also, more informa-tion can be found at: www.microsoft.com/io.

Enable comprehensive disaster recovery capabilities with Microsoft technologies:

Microsoft offers a family of solutions that provide fast data recovery, continuous data capture, and automation of data replication and storage management.

With the Microsoft disaster recovery solutions, your IT organization can:

Deliver enhanced, cost-effective disaster recovery capabilities

Automatically replicate and centralize backup to simplify backup, restores, and storage management

Backup to disk to enable much faster restores and self-service user recovery

Make file backup more scalable and efficient by send-ing only (partial file) changes with throttling per server.

●

●

●

Case Study: Municipality Reduces Back-up Time by 96 Percent, Gives Users File Restore Capabilities in the Event of Lost Data, and Frees Up 15 to 45 Percent of the IT Staff’s Time

http://www.nyc.gov/html/dsny/html/home/home.shtml

Organization Profile: New York City’s Department of Sanitation is responsible for keeping the largest city in the United Stages clean. Its Bureau of Motor Equipment manages 6,000 vehicles, from street sweepers to snowplows.

Business Situation

The IT department for the Bureau of Motor Equipment wanted to reduce data backup time, give users the ability to restore lost files, and simplify the entire data backup and restore process

Business Solution

Using Microsoft System Center Data Protection Manager, the IT staff reduced back-up time by 96 percent, provided comprehensive

data protection, and gave users the ability to restore lost data. Ad-ditionally, this freed up 15 to 45 percent of the IT staff’s time.

Benefits:

• Reduced time required for users to back-up files by 96 percent• Freed-up 15 to 45 percent of the IT staff’s time• Provided reliable data protection• Increased end-user productivity• Lowered overall costs

“With Exchange Server and EMC solutions … we have reduced the storage consumption on our primary mail server by as much as 70 percent.” Wissam Halabi, Consulting Systems Architect, EMC

Ensure business continuity with integrated management and security

Protect your organization’s core collaboration and communication server foundation from potentially disruptive technologies

●


1� | �007 | Optimizing your server infrastructure

Integrated Identity syn-chronization

The compliance challenge:

Businesses are increasingly subject to regulations that have impact on IT governance and privacy. The growing number and complexity of such regulations creates a significant burden for IT managers as they implement the necessary tools and policies needed to comply with such regulations. A critical step to solving the puzzle is to identify commonalities among the different regulations and develop a prioritized list of actions. Increasingly, the number one priority in this list is to strengthen identity and access management.

According to Gartner, “the role of an IT organization as a governance, risk and compliance solution provider to other organizations will increase” in �007-�01�.5 Critical challenges facing IT Professionals with respect to ensuring regulatory compliance include:

Managing and tracking digital identities: Identity and Access is at the heart of many compliance regula-tions including Sarbanes-Oxley, HIPAA where compa-nies need to track only IT managers must be able to adapt to ever-changing regulations: Gartner estimates that by �01�, the number of regulatory requirements that directly affect IT operations will double6

Protecting sensitive data from unauthorized access: Data rights management today extends not only throughout the enterprise, but beyond to customers, and investors

●

●

5 The 2007 Compliance and Risk Management Planning Guidance: Governance Becomes Central, Gartner, April �0076 Ibid7 A Compliance Cost survey, Microsoft research, 1�0 customer responses, March �0068 Technology Outlook: IT Priorities For 2007,” Information Week, January 6, �007

Compliance & Regula-

tory Compli-ance Costs

IV. Deploy Enterprise-Wide Identity Management

Enhancecompliancewithacomprehensiveidentityandaccessstrategyandprovidesecureaccessforremoteusers

CentralAdministra-tion of Con-figurations

and Security

Compliance & Regulatory

Accuracy

According to a recent Information Week survey:

Nearly half of respondents (48%) say their IT departments will make complying with regulations a business priority in �007, up from 4�% last year.

More than half of IT managers (54%) say updating their data protection procedures and software will be a tactical priority for �0078

●

●

Reduce manual, repetitive tasks: Research by a leading software vendor indicates that organizations can save 25-32% on time and costs associated with internal and external compliance-related tasks.7 Ad-ditionally, a holistic enterprise-wide identity manage-ment strategy can significantly reduce the amount of manual tasks (by both end-users and IT) in maintaining and provisioning user identities and access permission across applications, systems, and even organizational boundaries.

Leverage the Core IO model to deploy enterprise-wide identity management:

Microsoft’s IO model assists IT organizations to optimize their server infrastructure by providing a set of criteria to evaluate the enterprise’s identity management maturity. The figure below provides a list of recommended identity management projects by maturity level (Basic to Dynamic).

To get an in depth understanding of how to optimize your identity and access infrastructure, secure and simplified

●


Optimizing your server infrastructure | �007 | 1�

identity and access management contact your Microsoft representative. To learn more about Microsoft’s compre-hensive identity and access solutions visit, www.microsoft.com/ida

Enable with Microsoft technologies:

Microsoft offers a family of identity and access solutions are a comprehensive set of integrated offerings that sim-plify the management of user communities across enter-prise systems while ensuring greater access security, thus enabling businesses to be more productive and compliant.

With the Microsoft identity and access solutions, your IT organization can:

Enhance compliance with a comprehensive identity and access strategy

Consolidate multiple passwords across multiple sys-tems and consolidate number of identity stores

Reduce the number of manual processes involved in provisioning user identities and their access permis-sions across systems and applications

Strengthen Sarbanes-Oxley compliance by ensuring terminated employees do not have access to IT

●

●

●

systems by de-provisioning them and their access rights across all systems

Provide stronger forms of authentication through the use of digital certificates and smart cards

Improve HIPAA compliance by protecting sensitive information no matter where it goes

Improve your ability to comply with regulations, busi-ness processes and corporate policies through a uni-fied, policy-based approach to security management

Enforce compliance with computer health require-ments

Strengthen control over sensitive data by filtering documents and files based on their content

Provide secure access for remote users

Allow external entities to access internal resources securely without needing to manage their identities

Control access by role and job level based on active directory users and groups.

●

●

●

●

●

●

●

Case Study: Professional Services Company Facilitates Compliance, Protects Sensitive Data

http://www.si-intl.com


Organization Profile: Since 1998, SI International has provided information technology and network solutions primarily to the federal government. The company has 4,000 employees in 100 locations across the United States.

Business Situation: As a public company, SI International must comply with Sarbanes-Oxley Act (SOX) regulations and also safeguard material and non-public information prior to formal release—such as possible acquisitions, preliminary earning data, draft press releases, and similar sensitive items. The company wanted an enforceable way to protect data in e-mail messages, documents, and internal Web site publications, and wanted the ability to extend rights protection to external business partners.

Business Solution: SI International piloted and deployed Win-dows® Rights Management Services (RMS) for Windows Server® 2003.

Benefits:

• Seamlessly protects data at desktop and enterprise level • Facilitates compliance • Integrates with existing infrastructure and applications

“With Windows Rights Management Services we can protect a range of document types (including PDFs) and content on Share-Point sites. There isn’t an easier or more effective protection method available.”

Brian Beisel, Director of Enterprise Services, SI International



The server virtualization challenge:

Virtualization technologies have gained much interest across IT organizations looking to drive up server utiliza-tion and reduce operating expenses. The typical server utilization rate is about 15%--with 85% of server capacity going unused. Just increasing this utilization rate to 60% means a four-fold reduction in space requirements, hard-ware, and the electrical costs of powering and cooling the server farms.

Additionally, server operating expense budgets continue to be under pressure, in part driven by the increased energy required to keep today’s high-performing servers from overheating. IDC estimated that power and cooling costs IT organizations $�0 billion in �006 worldwide and expects this number to grow to $45 billion by �010.�

� IDC report [need specific reference], Michelle Bailey, March 200710 Virtualization and Change and Configuration Management Software Study, IDC #�0�1�8, June �00611 Ibid

Threat Isolation

ServerUtilization/

Consolidation

Load Balancing

Server Related Costs

V. Consolidate Servers through Virtualization

Enhanceserverutilizationratesthroughvirtualizationandservermanagementtools

According to IDC, the ROI for virtualization can be quick: 26% realized an ROI immediately and 24%

achieved it within 1� months.11

tion has directly resulted in cost savings from server consolidation, software license consolidation and reduced management time.10

Centralize management of physical and virtual servers: Managing your virtual infrastructure with the same familiar tools as your physical assets can reduce system complexity and streamline making changes to the overall infrastructure.

While the goals of reducing operating costs and driving business agility may at times seem at odds, virtualization can be an effective strategy for CIOs as they look to con-solidate server sprawl, keep server energy costs in check, and still deliver the productivity and responsiveness that is required in today’s digital work style.

●

Leverage the Core IO Model to virtualize servers and increase server utilization:

The Microsoft’s IO model provides guidance for organiza-tions looking to virtualization to consolidate servers, save money and increase their business agility. The figure below provides a list of possible virtualization projects by maturity level (Basic to Dynamic).

To determine the level of maturity of your infrastructure contact your Microsoft representative. Also, more informa-tion can be found at: www.microsoft.com/io.

The critical challenges facing IT Professionals in virtualiza-tion are:

Maximize server utilization and reduce costs: 50% of respondents to a recent survey said that virtualiza-

●



Consolidate servers through virtualization with Microsoft technologies:

Microsoft offers a family of solutions that maximize the utilization of your servers, manage both your physical and virtual environments, and drive business agility.

With the Microsoft virtualization solutions, your IT organi-zation can:

Maximize utilization of server and storage

Consolidate infrastructure, application, and branch office server workloads by running up to four virtual instances per server or partition

Simplify storage planning, provisioning and main-tenance, improve monitoring and reporting with a centralized view of storage across physical and virtual servers

●

●

Centralize server management

Monitor and manage large-scale server networks easily with tiered views of tens of thousands of servers

Enable monitoring of system performance, security and access in a single consol through current, unified views of the server network

Accelerate diagnosis and response via expert informa-tion from a centralized system management solution.

●

●

●

Case Study: Accenture

Organization Profile: Accenture is a global management consult-ing, technology services, and outsourcing company with 133,000 employees in 48 countries and annual revenues of U.S.$15.55 bil-lion for the 2005 fiscal year.

Business Situation: An Accenture project team needed a new test environment with four application servers and five client envi-ronments including Red Hat Linux and numerous versions of the Windows® operating system.

Solution: By building virtual machines with Microsoft® Virtual Server, the team met its deadline one week ahead of schedule. . Virtual machines now play a key role in the lab, as does Microsoft Operations Manager and Microsoft Windows Server 2003.

Benefits:

• Reduced total cost of ownership • Accelerated environment setup • Streamlined system administration • Improved IT responsiveness • Enabled more robust testing

“Virtual Machine Manager enables us to significantly scale up the number of environments we can test without purchasing additional hardware, because we can load numerous virtual machines on one server.”

Joseph Paradi, Senior Architect, Accenture Technology Infrastructure Services



Solutions for server infrastructure optimization

Persistent Information ProtectionIdentity and Access ManagementServer Consolidation and Load BalancingApplication OS Neutrality through VirtualizationStorage Planning, Provisioning and Maintenance

●●●●●

Systems MonitoringChange and Configuration ManagementBackup and RecoveryVirtual Machine Management

●●

●●

Client SecurityApplication Server SecurityNetwork Edge SecuritySecure Remote Access

●●●●



Appendix

Extend server management capabilities to �rd party infrastructure

Deploy enterprise views of servers network

Configure zero-touch management solutions

Get visibility into systems health monitoring

Automate patch management


Deploy Integrated Server Management Tools

Deploy enterprise firewall to internal and external server

Centralize and manage server firewalls

Implement a managed, antivirus software solution for Servers

Deploy a DNS server for centralized IP address management

Deploy firewall with lockdown configuration


Core Infrastructure Optimization projects to deploy defense-in-depth security

Implement solutions to centrally manage user provisioning

Implement a federated identity management solution across

organizational and platform boundaries

Implement a centralized, directory-based policy solution for administration

and configuration of servers

Implement primary directory service for client

authentication


Core Infrastructure Optimization projects to deploy enterprise-wide identity management

Design an end-to-end virtualization strategy to minimize system complexity

and capture maximum benefit

Reduce system complexity by managing virtual server infrastructure in a

common console

Profile server usage and identify

net underutilization

Consolidate your

Server network


Core Infrastructure Optimization projects to virtualize servers and increase server utilization

Implement server-based document versions to enable easier recovery

Deploy a NAS/SAN-centralized disaster recovery plan for all servers

Implement backup and restore solutions for critical servers

Consolidate file and print servers to simplify backup and restoration


Core Infrastructure Optimization projects to enable comprehensive disaster recovery



Next Steps:

• Talk to your Microsoft Account Manager to assess where your server infrastructure is on the Core Infrastruc-ture Optimization maturity path

• Visit the following websites:

n Microsoft Core Infrastructure Optimization www.microsoft.com/infrastructure

n Microsoft System Center www.microsoft.com/systemcenter

n Microsoft Forefront www.microsoft.com/forefront

n Microsoft Windows Server 2003 R2 www.microsoft.com/windowsserver�00�

n Microsoft Windows Server Active Directory http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/default.mspx

This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information

contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft

must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee

the accuracy of any information presented after the date of publication.

This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION

IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be

reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording,

or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document.

Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these

patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted

herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is in-

tended or should be inferred.

© �007 Microsoft Corporation. All rights reserved.

Microsoft, Microsoft System Center, Microsoft Active Directory, Microsoft Forefront, and Windows Server �00� R� are either registered trademarks or

trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Documents

Optimizing your Server Infrastructuredownload.microsoft.com/documents/uk/business/peopleready/... · 2018-12-05 · Optimizing your server infrastructure | 007 | The financial impact