Infrastruktuuri optimeerimine

Tallinn 28.02.2008

Empowering People in a Changing WorkplaceIncreased pressure and opportunity for IT

Meet changing business needs• Work across boundaries• Digest an overload of information• Manage compliance and risk

Manage IT cost, complexity• Maximize the value of LOB systems• Rationalize redundant investments • Improve operational efficiency

More Pressure Than Ever On IT

30%New 70%

Maintenance

…with limited resources for advancing capability

Business Results& New Value

End User Productivity

CustomerConnection

CostReduction

Competition

TechnologyChange

RegulatoryCompliance

Security

Keep BusinessUp & Running

Top 5 things in CIO list

Deliver projects to grow the business

Linking Business and IT strategy and plans

Improve Service levels

Demonstrate the business value of IT

Attracting and keeping IT personell

IT fuels profitable revenue growth

Source: Enterprise IT Capabilities and Business Performance, Marco Iansiti, David Sarnoff Professor of Business Administration, Harvard Business School George Favaloro, Principal, Keystone Strategy, Inc-March 2006

Top 25% of IT capable firms grew revenue 6.8% faster per year

Top 25% of IT capable firms realize 23% higher revenue per employee

Managers in IT capable firms state they have significantly better insight and control over key dimensions of their business

IT gives managers more insight and control

Firms with better IT have more productive employees

Driving Business Outcomes

Purchasing does not mean acquiring a capability

RFP or

RFQfeature set

Years

RFP or

RFQfeature set

RFP or

RFQfeature set

RFP or

RFQfeature set

Requestedfeature set

Implementedfeature set

Trainedfeature set

IntegrationComplexity

More peopleincrease

complexity

More tools also

increase complexity

$$$

Integration complexity is not solved by tools• Will newer HW alleviate growth

needs?

• Does backing up mean we are prepared?

• Will newer versions of the software increase operational efficiency?

• By adding more people will we be able to get more operational reach?

• Are we compliant, on which layer… application, network?

• Will more management tools increase our control? Or our operational quality?

• Will more security tools decrease our threats ?

• When we develop an application, does it consume from our existing operational best practices?

• By having a single network directory do we simplify application access?

You can take all of these actions and only increase complexity !!!

"Insanity: doing the same thing over and over again and expecting different results.“ Albert Einstein

Applied Governance: A Different Approach Is Needed

An approach that…

– Holistic– Addresses existing complexity– Creates an integrated, uniform environment– Adopts to proven Best Practices– Recognizes Role Based Productivity– Prioritizes and sequences IT projects in a structured, systematic manner

People Process Technology

Operational habits are what deliver results

Dynamic IT for the People-Ready BusinessDynamic IT infrastructure:• Easily adapts IT

services to changing business needs

• Empowers people with access to information, when they need it

• Automates processes and reduces complexity

• Keeps security and compliance under control

• Optimizes for cost, service levels and agility

Manage Complexity,Achieve Agility

Advance the Businesswith IT Solutions

Amplifythe Impact

of YourPeople

ProtectInformation,

ControlAccess

Governing Principles

IT Infrastructure Optimization ModelA new approach for managing IT as a strategic asset.

• Provides a capability based technology neutral framework upon which you can base an optimized infrastructure

• Establishes a foundation based on industry analysts, academic and consortium research

• Provides guidance and best practices for step-by-step implementation

• Drives cost reduction, security and efficiency gains

• Enable agility

Application Platform Optimization Model

Business Productivity Infrastructure

Optimization Model

Core Infrastructure Optimization Model

What Is Dynamic IT?

Unified & Virtualized

User-Focused

Service-Enabled

Process-Led,Model-Driven

Separate logical operation from physical hardware• More flexible to and streamline change• Strengthen business continuity• Scale rapidly to meet business demand

Captures process, structure and expertise in models• Sets rules and tolerances for system health• Triggers self-correction when outside tolerance• Provides visibility between people and systems

Provides link between internal & external services• Extend capability with .NET, XML, ‘web2.0’

services• Integrate emerging services without internal dev• Strengthen connections with customers, partners

Connects natural workflow with applications• Weave real workflow into application design• Enable rich user experiences• Integrate familiar interface with powerful apps

Dynamic IT is Microsoft’s vision for a new generation of integrated products and technologies that helps customers gain strategic advantage through their IT

Dynamic IT and Infrastructure Optimization Dynamic IT is the destination

Unified & Virtualized

User-Focused

Service-Enabled

Process-Led,Model-Driven

Basic Standardized Rationalized Dynamic

Uncoordinated, manual

infrastructure

Managed IT Infrastructure

with limited automation

Managed and consolidated IT Infrastructure

with maximum automation

Fully automated management,

dynamic resource usage , business

linked SLAs

Infrastructure Optimization guides

the journey

Infrastructure OptimizationInfrastructure Optimization is a structured, systematic process of assessing maturity across IT capabilities, then prioritizing projects to progress towards a Dynamic state

Basic Standardized Rationalized Dynamic

Uncoordinated, manual

infrastructure

Managed IT Infrastructure

with limited automation

Managed and consolidated IT Infrastructure

with maximum automation

Fully automated management,

dynamic resource usage , business

linked SLAs

People Process Technology

Infrastructure Optimization - ExamplesBasic

Many ways of achieving the same objective, often in

reaction to problems

Standardized

A standardized, repeatable

process

Rationalized

Managed and consolidated

through automation

Dynamic

Fully automated management,

dynamic resource usage , business

linked SLAs

Core Infrastructure Maturity Level—Basic

Basic Standardized Rationalized Dynamic

• Inconsistent or non-existent policies for security and compliance• Unknown health of services due to the lack of tools and resources• No vehicle for sharing accumulated knowledge across IT• Environments are extremely hard to control• Very reactive to security threats• Software deployments, patches and services are provided through high touch

Unstructured and lacking central control, infrastructure based on manual processes, ad hoc security and disparate resources

Core Infrastructure Maturity Level—Standardized

Basic Standardized Rationalized Dynamic

Standards and policies to manage desktops, mobile devices, and servers introduce controls and operational consistency• Active Directory is used to manage resources, security policies and network

access• The value of basic standards and policies are recognized but not yet implemented

broadly• Deployments, patches and desktop services are provided at medium touch• Inventory of hardware and software assets are maintained and license use

managed• Security is improved with a locked down perimeter, though internal security may

still be a risk

Core Infrastructure Maturity Level—Rationalized

Basic Standardized Rationalized Dynamic

• Security is proactive and response to threats is rapid and controlled• The use of zero-touch deployment helps minimize cost and time• Minimal number of desktop images and low-touch management• Hardware and software inventory is managed, with optimal license use• Security measures involve strict policies and control

Costs involved in managing desktops and servers are at their lowest, with integrated IT management policies, tools, and processes

Core Infrastructure Maturity Level—Dynamic

Basic Standardized Rationalized Dynamic

• Costs are fully controlled• Integration between users and data, desktops, and servers; collaboration is

pervasive• Mobile users have nearly on-site levels of service and capabilities• Processes are fully automated, often incorporated into the technology itself• Additional investments in technology yield specific, rapid and measurable

benefits• Self-provisioning software and quarantine-like systems allow automated

processes

Highly responsive and efficient IT infrastructure; automated processes and flexible resources drive business agility and competitive advantage

DynamicStandardized RationalizedBasic

Helping CIOs Show Leadership And ValueFreeing Resources

The IO Journey frees resources and provides the foundation for organizational agility

Cost Center

Uncoordinated,manual

infrastructure;knowledge not

captured

More Efficient Cost Center

Managed ITinfrastructurewith limited

automation and knowledge

capture

Managed andconsolidated ITinfrastructurewith extensiveautomation; knowledge

captured and re-used

Fully automatedmanagement;

dynamic resource

usage; business-linked service

level agreements (SLAs);

knowledge capture and use

automated

Business Enabler

Strategic Asset

Core IOProgression to Dynamic IT

Cost Center Efficient Cost Center Business Enabler Strategic Asset

Uncoordinated, manual

Infrastructure

Managed IT infrastructure with limited automation and

knowledge capture

Managed and consolidated IT

infrastructure with extensive

automation; knowledge captured

and reused

Fully automated management

dynamic resource usage, business linked SLAs; knowledge capture

automated

Basic Standardized Rationalized Dynamic

Identity and Access ManagementManage Identities and Access to Resources * Protect Identities

Data Protection and RecoveryProvide Backup * Protect Information * Recover Data Quickly

Desktop, Device, and Server ManagementManage Desktops and Mobile Devices * Deploy Applications

Security and NetworkingProtect Information * Protect Infrastructure * Provide Access to Resources

“However beautiful the strategy, you should occasionally look at the results.“

Sir Winston Churchill (1874 - 1965)

Infrastructure Optimization Improves IT Efficiency

PCs managed per IT FTE

100

200

300

400

700

0

Organization

500

600

76$1,320

172$580

442$230

Avg PC’s per/IT FTEIT Labor/PC

Source: IDC data analyzed by Microsoft 2007

20% 60% 20%

Basic Standardized

Rationalized

Dynamic

IT Labor Costs

Service levels*(# Svc desk calls)

Business Agility(# weeks/deploy

app)

$1320 $580 $230 Not Available

8.4 8.5 7.7 Not Available

5.4 5.2 4.3 Not Available

Source: IDC Core Infrastructure Optimization Research, Survey of Findings, June 2007 *Service levels intended as an indicator for end-user productivity**Sample data not yet available to determine full benefits of “Dynamic” desktop maturity level

Benefits of Desktop OptimizationGains in service levels and agility are significant

Benefits of Desktop OptimizationLabor efficiencies with optimized desktop infrastructure

Source: Leading Analyst firm, December 2005Note: Excludes server & network costs for centrally manages services

A leading industry analyst found over 90% of the TCO reductions from best practices for desktop management result from increased labor efficiency for IT workers and End-users

Total TCO ($4600-$5000/year)

IT

End-user

HW/SW

(US$

/des

ktop

/yea

r)

“Basic” “Rationalized”

Total TCO($3200-$3300/year)

World Wide IO Analysis

12,034 Customers Analyzed (>500 Employees)

EMEA IO Analysis

3,342 Customers Analyzed (>500 Employees)

Benefits of Optimized Core Infrastructure

Control Cost

Simplify, automate and centralize IT

operations to optimize resource utilization

Improve Service Levels

Integrate management and security tools to

maximize system uptime

Drive Agility

Adapt the IT infrastructure rapidly according to business

needs

Cost

AgilityInfrastructure Maturity

Service Levels

Kuidas alustada?• Andke endale ise hinnang:

www.microsoft.com/peopleready/coreinfra • Kontakteeruge Microsofti partneriga, et läbi viia

põhjalikum analüüs ja saada soovitused jätkamiseks!• Partnerid Eestis:

– GT Tarkvara– Uptime Systems– IT Grupp– MarkIT– MicroLink Eesti– PC Expert

Identity and Access ManagementStandardized to Rationalized

Projects Architecture

S to R

BACK

• Difficult to manage user and resource settings and configurations

• Users have multiple identities across heterogeneous systems

• No solution to protect user data from unauthorized access

• Concern over unauthorized access to sensitive information

• No solution to allow users to protect content for being copied, printed, distributed without proper rights/permissions

• Identities are stored in different application directories

IT

• Enable potential for rapid change and configuration

• Provide consistent user experience across computers based on business roles

• Protect user data• Mitigate risk associated with

unauthorized access

• Safeguard digital information from unauthorized use—both online and offline

• Reduce operations and desktop support costs

IT

Fundamental• Deploy a solution to

synchronize identity stores with non-Windows application directories

Advanced• Deploy a metadirectory

solution for identity synchronization, and deploy a smartcard and certificate management solution

• Deploy full-drive encryption and persistent data protection technologies

• Deploy a federated trust-based authentication system for external applications, and Enable personal information card access for non-federated users

• Deploy a multi-factor authentication solution for access control to high-risk systems, and deploy certificate-based authentication

Challenges Projects BenefitsBUSINESS BUSINESS

ProjectsFundamental• Implement Active Directory forest with one

instance of trust in the organization

Resources

Identity and Access ManagementStandardized to Rationalized

Projects Architecture

S to R

BACK

• Windows 2003 Active Directory Introduction• Designing and Deploying Active Directory• Best Practice Guide for Securing Active Directory Install

ations• Active Directory Web Casts Series• Training Simulation (AD, ADMT) V-Labs

Fundamental• Deploy a solution to synchronize identity

stores with non-Windows application directories

• Deploy a metadirectory solution for identity synchronization, and deploy a smartcard and certificate management solution

• Microsoft Identity Lifecycle Manager 2007 Product Overview

• Identity Lifecycle Manager 2007 (ILM 2007) Technical Library

• Microsoft Certificate Lifecycle Manager 2007 (CLM 2007)

• Microsoft Identity Integration Server 2003 (MIIS 2003) Technical Library

• Case Studies: MIIS• MIIS Walkthrough Scenarios• MIIS Virtual Labs

ProjectsAdvanced• Deploy a federated trust-based

authentication system for external applications, and Enable personal information card access for non-federated users

Resources• Overview of Active Directory Federation Ser

vices (ADFS) in Windows Server 2003 R2• ADFS Concepts• ADFS Design Guide• ADFS Deployment Guide

Identity and Access ManagementStandardized to Rationalized

Projects Architecture

S to R

BACK

• Deploy a multi-factor authentication solution for access control to high-risk systems, and deploy certificate-based authentication

• Implementing Multifactor Authentication Using Smart Cards

• Public Key Infrastructure for Windows Server 2003

• Active Directory Certificate Services• Designing a Public Key Infrastructure• Microsoft Certificate Lifecycle Manager Over

view• ILM Certificate management

Architecture

ProjectsBACK

Identity and Access Management Standardized to Rationalized

Technologies• Active Directory Group Policy

Objects (GPO)• Microsoft Identity Lifecycle M

anager 2007 • Active Directory Lightweight

Directory Services (ADLDS)• Windows Vista - EFS• Rights Management Services• Windows Vista Enterprise (For

Bitlocker)

• Windows Mobile 6 IRM enabled Pocket Office and Pocket Inbox

• Microsoft Identity Lifecycle Manager 2007 - Smart Card Lifecycle Management

• Windows Certificate Services

Resources

S to R

• Windows Server 2003 R2 Helps Simplify Identity and Access Management

• Network Architecture Blueprint • Microsoft's Vision for an Identity

Metasystem

Active Directory

Identity Lifecycle Manager 2007

Full Certificate and Smart Card

Lifecycle Management

RMS Server

SQL Server

Web Portal

Exchange Server

Author

Recipeint

Client Workstations

Request Certificate

Certificate Server

Issue Certificate

Active Directory Lightweight Directory Service

Client

LDAP

Metaverse

Identity synchronization

and metadirectory

Küsimused?

Tänan!