Microsoft® SystemCenter and Windows Server®2008: Better Together



Microsoft Corporation

Published: October 2007

Updated: November 2007

Executive Summary

Windows Server®2008 is the most recent version of the Windows Server operating system. The Microsoft® SystemCenterfamily ofsolutions helps you implement Windows Server2008 in your organization with lesseffort and complexity than previous versions of Windows Server. The SystemCentersolutions discussed in this whitepaper include Microsoft System Center Configuration Manager2007, System Center Operations Manager2007, System Center Virtual Machine Manager 2007, System Center Data Protection Manager 2007, and Microsoft SoftGrid® Application Virtualization. This paper discusses how SystemCentersolutions:

  • Augment and enhance the new features in Windows Server2008.
  • Reduce the amount of effort required to plan, build, deploy, and operate Windows Server2008–based solutions.
  • Interact with each other to provide comprehensive coverage of all phases in the information technology (IT) lifecycle (including the Plan, Build, Deploy, and Operate Phases).

© 2007 Microsoft Corporation. All rights reserved. This document is developed prior to the product’s release to manufacturing, and as such, we cannot guarantee that all details included herein will be exactly as what is found in the shipping product. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. The information represents the product at the time this document was printed and should be used for planning purposes only. Information subject to change at any time without prior notice. This whitepaper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

Microsoft, Active Directory, SharePoint, SoftGrid, Windows, Windows Media, the Windows logo, Windows Vista, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

All other trademarks are property of their respective owners.

Contents

Introduction

Objectives

IT Life Cycle Phases

Windows Server2008 and System Center Manageability

Provide Support for 32-bit and 64-bit Processor Architectures

Provide Support for Virtualized Environments

Ensure Network Health, Configuration Consistency, and Security

Improve Event Management and Tracking

Reduce Effort to Perform Deployment and Administrative Tasks

Plan Phase

Identify Existing Server Roles

Validate Features and Perform Proof of Concept Testing

Identify the Deployment Readiness of the Existing Infrastructure

Build Phase

Verify Windows Server2008 Deployment Processes and Procedures

Create and Manage Windows Server2008 Deployment Images

Ensure Application Compatibility

Deploy Phase

Prepare for Virtualized Server Deployment

Deploy Windows Server2008 Images and Supplemental Applications to Target Server Computers

Operate Phase

Ensure Continuous Data Protection

Provide End-to-End Monitoring for Windows Server2008 Roles and Applications

Ensure Network Health and Security

Provision Additional Computers Running Windows Server2008

Ensure That Server Computers Stay Compliant with Established Baselines and Standards

Summary

For More Information



Microsoft® SystemCenter and Windows Server®2008: Better Together

Introduction

With new technologies and features such as the Server Core installation option of the Windows Server®2008 operating system, Microsoft® Windows® PowerShell, and Windows Deployment Services as well as enhanced networking and clustering technologies, Windows Server2008 provides the most versatile and reliable Windows Server platform yet. You will want to leverage all these new technologies in your organization as quickly as possible. Microsoft System Center solutions are optimized to assist in planning, building, deploying, and operating Windows Server2008 in your environment. SystemCentersolutions can help you adopt Windows Server2008 in your organization faster than was possible with previous versions of Windows Server.

Objectives

The goal of this whitepaper is to help you learn how to use System Center solutions to plan, build, deploy, and operate Windows Server2008–based solutions in your environment. The discussion begins with an overview of the information technology (IT) lifecycle phases and how they relate to the Microsoft Solutions Framework (MSF) and Microsoft Operations Framework (MOF). The discussion continues with an overview of Windows Server2008 and SystemCenter manageability. Finally, the paper discusses how SystemCentersolutions and related products (such as Microsoft SoftGrid® Application Virtualization) work together with Windows Server2008 in each IT lifecycle phase.

This whitepaper discusses the following SystemCentersolutions:

  • Microsoft System Center Configuration Manager2007 (Configuration Manager2007)
  • Microsoft System Center Operations Manager2007 (Operations Manager2007)
  • Microsoft System Center Virtual Machine Manager (Virtual Machine Manager2007)
  • Microsoft System Center Data Protection Manager (Data Protection Manager2007)
  • Microsoft System Center Capacity Planner2007 (Capacity Planner2007)
  • SoftGrid Application Virtualization

IT Life Cycle Phases

Most organizations use a phased methodology to design, deploy, and manage the operations of solutions (although the number of phases and the tasks performed in each phase differ from methodology to methodology). Microsoft developed the MSF and MOF as a standardized methodology for all phases of the IT lifecycle. MSF focuses on the early stages of the lifecycle and continues until the solution is deployed. MOF focuses on the continuing operations of existing solutions.

MSF is a deliberate and disciplined approach to technology projects based on a defined set of principles, models, disciplines, concepts, guidelines, and proven practices from Microsoft. The MSF process model includes the Envisioning, Planning, Developing, Stabilizing, and Deploying Phases. For more information on MSF, see Microsoft Solutions Framework at

MOF provides operational guidance that enables organizations to achieve mission-critical system reliability, availability, supportability, and manageability of Microsoft products and technologies. MOF is divided into four quadrants (the MOF Optimizing Quadrant, MOF Changing Quadrant, MOF Operating Quadrant, and MOF Supporting Quadrant). For more information on MOF, see Microsoft Operations Framework at

For purposes of this paper, MSF and MOF have been combined and simplified into the following phases:

  • Plan. The Plan Phase involves creating a business vision and defining the scope of work necessary to bring the vision to reality (for example, business case justification, business studies). The phase continues through the development of detailed functional requirements, system and application architectures, the user interface (UI) prototype, and a detailed project plan for the remainder of the project. This phase includes the MSF Envisioning and Planning Phases.
  • Build. The Build Phase begins with the first iteration of deployment in a test environment and culminates with the preparation of the production environment for deployment. The phase includes further testing and acceptance of the design and deployment plan before final release into the production environment. The testing usually includes a pilot deployment in the production network environment. This phase includes the MSF Developing and Stabilizing Phases.
  • Deploy. The Deploy Phase includes the deployment of the core technology and site components, transitioning the project to IT Operations and support, and obtaining final approval of the project. This phase includes the MSF Deploying Phase.
  • Operate. The Operate Phase begins with the transitioning of the deployed target computers and services to the operations team. The phase continues with the ongoing maintenance, operation, monitoring, and supporting of the deployed solution throughout the remainder of the IT lifecycle. This phase includes all the MOF quadrants.

Windows Server2008 and SystemCenter Manageability

Windows Server2008 is the most manageable version of Windows Server yet. Windows Server2008 includes new built-in Web and virtualization technologies that increase the reliability and flexibility of your server infrastructure. New Windows Server2008 virtualization tools, Web resources, and security enhancements help save time, reduce costs, and provide a platform for a dynamic and optimized datacenter. Powerful new tools in Windows Server2008 (such as Microsoft Internet Information Services [IIS] version7.0, Server Manager, and Windows PowerShell) allow better control over servers and streamline Web, configuration, and management tasks. Advanced security and reliability enhancements such asNetwork Access Protection (NAP) and the Read-Only Domain Controller (RODC) harden the operating system and protect server environments.

SystemCentersolutions augment and enhance these features in Windows Server2008 to provide a comprehensive solution for all phases of the IT lifecycle. By combining the features in System Center solutions with these new features in Windows Server2008, you can helpreduce your effort and costs in each IT lifecycle phase. In addition, you can manage your existing investment in other Microsoft technologies and products by using SystemCenter solutions.

Provide Support for 32-bit and 64-bitProcessor Architectures

Windows Server2008 provides support for 32-bit and 64-bit processor architectures. The Windows Server2008 for Itanium-based Systemsoperating system is specifically designed for use with Intel Itanium 64-bit processors to provide Web and application server functionality on that platform. All other Windows Server2008versions are offered in 32-bit and 64-bit processors.

SystemCentersolutionsalso provide support for 32-bit and 64-bit processor architectures. For example, Configuration Manager2007 and Operations Manager2007 provide 32-bit and 64-bit versions of clients and agents, respectively. Regardless of the processor architecture, SystemCentersolutions can be used to deploy and manage Windows Server2008–based solutions.

Provide Support for Virtualized Environments

Windows Server2008 includes a new virtualization feature: Windows Server 2008 Hyper-V (Hyper-V). Hyper-V isa powerful virtualization technology with strong management and security features. Itenables businesses to leverage their existing familiarity with Windows Server management and take advantage of virtualization's flexibility and security benefits without having to buy non-Microsoft software:Microsoft and its partners provide comprehensive support for Windows and supported Linux guest operating systems. Hyper-V is a highly flexible, high-performance, cost-effective, and well-supported virtualization platform.

Hyper-V can directly run virtual machines(VMs) created in Microsoft Virtual Server2005 running on Windows Server2003, so you can leverage your existing investment in virtualized computing. This ease of migration allows you to evaluate, test, and run virtualized computers in your production network today and migrate to Hyper-V when you deploy Windows Server2008 in your production network.

Note: Virtual Server 2005 is only supported on Windows Server 2003. Only Hyper-V is supported on Windows Server 2008, The next release of Virtual Machine Manager (scheduled for delivery in2008) will provide support for Hyper-V and Windows Server 2008.

SystemCentersolutionsprovide seamless management of physical and logical network devices. Virtual Machine Manager 2007provides a simple and cost-effective solution for unified management of physical computers and VMs, consolidation of underutilized physical servers, and rapid provisioning of new VMs by leveraging the expertise and investments in Microsoft server technology.

Ensure Network Health, Configuration Consistency, and Security

Windows Server2008 supports NAP, which helps ensure that computers are configured appropriately before allowing those computers to connect your organization’s intranet. NAP is a new platform to perform computer health policy validation, ensure ongoing compliance with health policies, and optionally restrict the access of computers that do not comply with system health requirements until their health state can be corrected. NAP includes a client and server-side architecture. Administrators can configure Internet Protocol security (IPsec) enforcement, IEEE 802.1X enforcement, virtual private network (VPN) enforcement, Dynamic Host Configuration Protocol (DHCP) enforcement, or all four, depending on their network needs.This validation helps ensure network health and configuration consistence for server, portable, and desktop computers in your organization.

In addition, several new security features are included in Windows Server2008, including RODC and the Server Core installation option of Windows Server2008. An RODC allows you to easily deploy a domain controller that hosts a read-only replica of the domain database. This is well suited for locations where physical security of the domain controller cannot be guaranteed, where network connectivity may have a negative impact on productivity, or where other applications must run on a domain controller and be maintained by a server administrator (who, ideally, is not a member of the Domain Admins group). All of these scenarios are common in branch office deployments.Using RODC, you can place an Active Directory® directory service domain controller in a non-protected network, because updates to Active Directory cannot be made through anRODC.The Server Core installation option of Windows Server2008 provides a minimal environment for running specific server roles that reduces the attack surface for those server roles.

Configuration Manager2007 integrates with NAP to deploy software updates, service packs, hotfixes, and other software to computers that are not configured appropriately to be connected to your organization’s intranet. Configuration Manager2007 and Operations Manager2007 can identify computers that are not configured correctly. You can use all the System Center solutions to support the Server Core installation option of Windows Server2008 in all IT lifecycle phases.

Improve Event Management and Tracking

Windows Server2008 includes a new event system that produces .xml files. The XML format allows you to consume output from the event system more easily than in earlier Windows Server versions. All the SystemCentersolutions can integrate with this new event system.Windows Vista client computers can also forward specific events to Windows Server 2008 and then be reported to SystemCenter solutions.

Reduce Effort to Perform Deployment and Administrative Tasks

Windows Server2008 was designed to support a role-based deployment and administrative model. Each service and feature that Windows Server2008 provides is represented by a server role. You manage these server roles by using the Server Manager console. The Server Manager console provides a single management point for common administrative tasks.

The role-based model in Windows Server2008 is based on Service Modeling Language (SML). SML is a modeling language that can be used to model complex IT services and systems, including their structure, constraints, policies, and best practices. (For more information about SML, see Service Modeling Language Specification at SML is based on a profile of XML Schema and Schematron, and itis part of Microsoft’s Dynamic Systems Initiative (DSI). DSI is Microsoft's technology strategy for products and solutions that help businesses enhance the dynamic capability of theirpeople, process, and IT infrastructure throughtechnology.

The server roles in Windows Server2008 include:

  • Active Directory Certificate Services.Active Directory Certificate Services (ADCS) is an Identity and Access Control security technology that provides customizable services for creating and managing public key certificates used in software security systems that employ public key technologies. For more information, see Active Directory Certificate Services at
  • Active Directory Domain Services.Active Directory Domain Services(ADDS) stores directory data and manages communication between users and domains, including user logon processes, authentication, and directory searches. An Active Directory domain controller is a server that is running ADDS. For more information, see Active Directory Domain Services at
  • Active Directory Federation Services.Active Directory Federation Services (ADFS) provides Web single-sign-on (SSO) technologies to authenticate a user to multiple Web applications over the life of a single online session. For more information, see Active Directory Federation Services at
  • Active Directory Lightweight Directory Services.Active Directory Lightweight Directory Services (ADLDS) is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications without the restrictions of ADDS. For more information, see Active Directory Lightweight Directory Services at
  • Active Directory Rights Management Services.Active Directory Rights Management Services (ADRMS) is an information-protection technology that works with ADRMS–enabled applications to help safeguard digital information from unauthorized use. Content owners can define who can open, modify, print, forward, or take other actions with the information. For more information, see Active Directory Rights Management Services at
  • Application Server. Application Server is an expanded server role in Windows Server2008. The new version of Application Server provides an integrated environment for deploying and running custom, server-based business applications. These applications respond to requests that arrive over the network from remote client computers or from other applications. Typically, applications that are deployed and run on Application Server take advantage of one or more of the following:
  • IIS (the Hypertext Transfer Protocol [HTTP]server built into Windows Server)
  • Microsoft.NET Framework versions 3.0 and 2.0
  • MicrosoftASP.NET
  • COM+
  • Microsoft Message Queuing (MSMQ)
  • Web services that are built with Windows Communication Foundation (WCF)

For more information, see Application Server at

  • DHCP Server. When you deploy Dynamic Host Configuration Protocol (DHCP) servers on your network, you can automatically provide client computers and other TCP/IP-based network devices with valid IP addresses. You can also provide the additional configuration parameters these clients and devices need, called DHCP options that allow them to connect to other network resources, such as Domain Name System (DNS) servers, Windows Internet Naming Service (WINS) servers, and routers. For more information, see DHCP Server at
  • DNS Server. DNS is the name-resolution protocol for TCP/IP networks, such as the Internet. Client computers query a DNS server to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other. For more information, see DNS Server at
  • Fax Server. You can use a computer with the Fax Server role as a fax server to centrally manage fax devices and enable users to send and receive faxes. (To install this role, you also must install the Print Services role.) For more information, see Fax Server at
  • File Services. This role provides technologies that help manage storage, enable file replication, manage shared folders, ensure fast file searching, and enable access for UNIX client computers. For more information, see File Services at
  • Network Policy and Access Services.This role allows you to provide local and remote network access and to define and enforce policies for network access authentication, authorization, and client health using Network Policy Server (NPS), Routing and Remote Access Service, Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP). For more information, see Network Policy and Access Services at
  • Print Services. This server role enables you to share printers on a network as well as to centralize print server and network printer-management tasks. It also enables you to migrate print servers and deploy printer connections using Group Policy. For more information, see Print Services at
  • Streaming Media Services.Use this role to manage delivery of live or on-demand digital media content, including Windows Media® Audio (WMA) and Windows Media Video (WMV), over networks by using Windows Media Services2008 administrative interfaces. For more information, see Streaming Media Services at
  • Terminal Services.Terminal Services provides technologies that enable users to access Windows-based programs that are installed on a terminal server or to access the full Windows desktop. With Terminal Services, users can access a terminal server from within a corporate network or from the Internet. For more information, see Terminal Services at
  • UDDI Services. Universal Description, Discover, and Integration (UDDI) is an industry specification for publishing and locating information about Web services. UDDI Services provides UDDI capabilities in an enterprise or between business partners. For more information, see UDDI Services at
  • Web Server.This role lets you share information with users on the Internet, an intranet, or an extranet. Windows Server2008 delivers IIS 7.0, which is a unified Web platform that integrates IIS, ASP.NET, Windows Communication Foundation, and Windows SharePoint Services. For more information, see Web Server at
  • Windows Deployment Services.The updated and redesigned version of Remote Installation Services (RIS), you use Windows Deployment Services enables you to remotely deploy Windows operating systems, particularly Windows Vista®. You can use Windows Deployment Services to re-image computers using customized images. For more information, see Windows Deployment Services at
  • Windows SharePoint Services. This role provides a scalable, manageable platform for collaboration and the development of Web-based business applications with Windows SharePoint®Services3.0. For more information, see Windows SharePoint Services TechCenter at

You can automate administrative tasks by using Windows PowerShell scripting. Windows PowerShell includes new command-line tools with which you canefficiently complete server-administration tasks that are common across all Windows Server2008 roles, such as services, processes, and storage. Windows PowerShell also allows you to manage specific Windows Server2008 roles (such as IIS7.0, ADDS, or Terminal Server). Also, several partners provideWindows PowerShell commands that improve network management and provide rich charting and gauge capabilities.