Contents
MANAGING A MODERN COMPUTING ENVIRONMENT
SYSTEMS MANAGEMENT: THE CHALLENGES
ADDRESSING THE CHALLENGES: WHAT SYSTEM CENTER PROVIDES
  The System Center Family
  Capturing Knowledge: Model-Based Management
A CLOSER LOOK: THE SYSTEM CENTER TECHNOLOGIES
SYSTEM CENTER OPERATIONS MANAGER 2007
  Servers and Agents
  User Interfaces
  Management Packs
  Service Monitoring
  Reporting Services
SYSTEM CENTER CONFIGURATION MANAGER 2007
  Servers and Agents
  Software Deployment and Update
  Desired Configuration Monitoring
  Asset Intelligence
  Reporting Services
  An Aside: The Role of Windows Server Update Services
SYSTEM CENTER SERVICE DESK
  Service Desk Workflows
  The Configuration Management Database
SYSTEM CENTER DATA PROTECTION MANAGER 2006
SYSTEM CENTER ESSENTIALS 2007
SYSTEM CENTER VIRTUAL MACHINE MANAGER
SYSTEM CENTER CAPACITY PLANNER 2006
PUTTING THE PIECES TOGETHER: A SYSTEM CENTER SCENARIO
CONCLUSION
FOR FURTHER READING
ABOUT THE AUTHOR
Monitoring the hardware and software in a distributed environment to detect issues, then
providing tools to fix those issues. Doing this well means more than just responding to outages
and other incidents. It also requires monitoring the health of systems to prevent problems
before they occur.
Automating the time-consuming process of installing, updating, and patching software. Other
aspects of system configuration might also be automated, such as maintaining up-to-date
descriptions of the hardware and software in the environment.
Handling backup and restore of Windows file server data. Given how cheap disk space has
become, an attractive way to do this is with regular copies to a backup server's disk.
Managing virtual machines. As faster hardware lets more applications run on each machine,
organizations are increasingly using virtualization to isolate those applications. Tools for
creating and managing virtual machines can make this process faster and easier.
Sizing installations properly by providing tools for estimating the required resources. This is
especially important for mission-critical applications such as electronic messaging, but it's also
useful in other areas.
No one product can reasonably address all of these challenges. Instead, Microsoft has chosen to
group its systems management technologies into a single family, exploiting wherever possible the
commonality that exists across these diverse problems. That family is System Center.
System Center Operations Manager 2007. The successor to Microsoft Operations Manager
(MOM) 2005, this product allows IT staff to monitor and manage the hardware and software in
a modern distributed environment. It's expected to be released in early 2007.
System Center Configuration Manager 2007. The successor to Systems Management Server
(SMS) 2003, Configuration Manager provides tools for automating software installation and
managing system configurations. It's targeted for release in the summer of 2007.
System Center code name Service Desk. An entirely new product, Service Desk will
provide implementations of fundamental IT Service Management processes, including incident
management, problem management, and change management. The expected release date
for this product is sometime in the first half of 2008.
System Center Data Protection Manager 2006. As its name suggests, Data Protection
Manager provides data backup and restore for Windows file servers.
System Center Virtual Machine Manager. A new kind of management tool for the new age of
virtualization, this product helps management staff with the process of consolidating
applications onto virtualized servers. Its expected release date is sometime in the second half
of 2007.
System Center Capacity Planner 2006. Capacity Planner is a tool for determining what
hardware resources will be required to run an application, such as Exchange Server 2003, to
meet specific performance and availability goals.
The services provided by the System Center products are a concrete expression of the goals
Microsoft laid out in its Dynamic Systems Initiative (DSI). DSI is a broad effort aimed at improving
IT's ability to meet an organization's business demands while still lowering the costs of managing
its computing resources. Reaching these goals requires some new approaches, a reality that DSI's
creators recognized. Perhaps the most important of these, an idea called model-based
management, is described next.
Capturing Knowledge: Model-Based Management
While management tools are certainly useful, it's people who really know how to manage systems.
People are expensive, however, and so one way to lower the cost of management is to capture
more human knowledge in software. Creating models of the systems being managed can be an
effective approach to doing this.
Toward this end, Microsoft defined the System Definition Model (SDM). An XML-based language,
SDM allows creating a formal definition of a machine, an application, and other components of a
managed environment, along with descriptions of the relationships among these components.
Using this model, a management technology can make more intelligent decisions about what to do
and when to do it.
Microsoft created SDM to provide a common language for describing systems. In mid-2006, a
group of vendors including Microsoft, BEA, BMC, CA, Cisco, Dell, HP, IBM, and Sun published an
initial draft of the Service Modeling Language (SML). Based largely on SDM version 3, the
language used in System Center, SML is intended to provide an industry-wide standard for
modeling complex IT services and systems. Once this standard is complete, both management
software vendors and third parties will have a common language for describing the elements of a
managed environment.
The move to model-based management is visible in several parts of System Center. While not
every member of the family currently takes this approach, SDM is used in some of System
Center's most important products, including Operations Manager, Configuration Manager, and
Service Desk. SDM is also used in other Microsoft products, such as the Distributed System
Designers provided with Visual Studio Team System. Going forward, expect to see modeling
become an even more fundamental part of how Microsoft and other vendors address the problems
of systems management.
The figure above shows the product's major components. Administrators and operators can
interact with Operations Manager via the Operations Manager console, as shown in the figure.
From the console, the user can access both the Operations Manager management server and
(indirectly) the Operations Manager reporting server. Each of these servers has its own database,
known as the operational database and the data warehouse, respectively. The systems being
managed, which can include both client and server machines, each run the Operations Manager
agent. This agent can communicate with the management server and the reporting server, sending
information about events on the managed system, the system's performance, services running on
that system, and more. Exactly what kind of events can be sent, what performance data is
monitored, and much more is defined by the specific management packs that are installed. Each
management pack defines rules and more that are downloaded to each managed system. True to
Microsoft's goal of model-based management, these management packs are defined using SDM.
Given this brief overview, it's useful to take a closer look at the most important aspects of
Operations Manager: management servers and agents, user interfaces, management packs,
service monitoring, and reporting services. The next sections provide short descriptions of each of
these topics.
Servers and Agents
The most fundamental parts of Operations Manager are management servers and the agents they
rely on. One or more management servers can be used, although the first management server
installed always acts in the role of root management server. Each agent is then installed and
configured to communicate with a particular management server, allowing the server/agent
communication to be balanced as needed.
A management server can run on Windows Server 2003 or on the forthcoming version of Windows
Server codenamed Longhorn. Agents can also run on either of these systems, as well as on
Windows 2000 Server. Unlike its predecessor MOM 2005, Operations Manager provides agents
for client systems as well as servers, including Windows 2000, Windows XP, and Windows Vista.
Whatever systems they run on, communication between agents and the Operations Manager
servers relies on queues. Doing this allows prioritizing some messages over others, and it also
means that agents and the servers they communicate with don't need to be continuously
connected. To reduce the likelihood of imposters or eavesdroppers, all communication between
managers and agents uses Kerberos to provide mutual authentication and data encryption.
In general, agents send three types of information to management servers:
Events: An event indicates that something interesting has happened, such as a failed login
attempt or the death of a Windows service. To learn about these things, the agent relies on
Windows Management Instrumentation (WMI), the local event log, and other sources.
Alerts: Some of the interesting things that happen on managed systems should be brought to
the attention of the people who are managing this environment. To do this, an agent can send
an alert. Unlike an event, which might just be logged in the Operations Manager databases, an
alert is typically displayed immediately in the user interface. For example, every failed login
attempt on a particular system might generate an event, but four failed login attempts to the
same account within three minutes might also generate an alert.
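The alert example above (four failed login attempts to the same account within three minutes), written out as an added Python sketch. It is not Operations Manager code or management pack syntax; the log line format, event type names and sample events are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Rule parameters from the example in the text: 4 failures within 3 minutes.
THRESHOLD = 4
WINDOW = timedelta(minutes=3)

# Constructed sample events: "<ISO timestamp> <host> <event type> <account>".
SAMPLE_EVENTS = [
    "2007-01-15T09:00:00 SRV01 LOGON_FAILURE alice",
    "2007-01-15T09:00:40 SRV01 LOGON_FAILURE alice",
    "2007-01-15T09:01:10 SRV01 LOGON_FAILURE bob",
    "2007-01-15T09:01:30 SRV01 LOGON_FAILURE alice",
    "2007-01-15T09:02:50 SRV01 LOGON_FAILURE alice",  # 4th failure in 2m50s
    "2007-01-15T09:02:55 SRV01 LOGON_FAILURE alice",  # same burst, no new alert
    "2007-01-15T09:10:00 SRV01 LOGON_FAILURE bob",
    "2007-01-15T09:20:00 SRV01 LOGON_FAILURE bob",
    "2007-01-15T09:30:00 SRV01 LOGON_FAILURE bob",    # 4 failures, but spread out
    "2007-01-15T09:30:05 SRV01 LOGON_SUCCESS bob",
]


def parse_event(line):
    """Split one constructed log line into (timestamp, host, kind, account)."""
    stamp, host, kind, account = line.split()
    return datetime.fromisoformat(stamp), host, kind, account


def evaluate(lines, threshold=THRESHOLD, window=WINDOW):
    """Return (events, alerts).

    Every failed logon is recorded as an event. An alert is raised only when
    `threshold` failures for the same account on the same host fall inside
    `window`, which is the event/alert distinction the text draws.
    """
    recent = defaultdict(deque)  # (host, account) -> failures still in window
    events, alerts = [], []
    for stamp, host, kind, account in sorted(parse_event(l) for l in lines):
        if kind != "LOGON_FAILURE":
            continue
        events.append((stamp, host, account))
        hits = recent[(host, account)]
        hits.append(stamp)
        # Drop failures that have aged out of the sliding window.
        while stamp - hits[0] > window:
            hits.popleft()
        if len(hits) >= threshold:
            alerts.append({
                "host": host,
                "account": account,
                "first": hits[0],
                "last": stamp,
                "count": len(hits),
            })
            hits.clear()  # start a fresh window so one burst yields one alert
    return events, alerts


if __name__ == "__main__":
    logged, raised = evaluate(SAMPLE_EVENTS)
    print(f"{len(logged)} events logged, {len(raised)} alert(s) raised")
    for alert in raised:
        print(f"ALERT {alert['host']} {alert['account']}: "
              f"{alert['count']} failures between "
              f"{alert['first'].time()} and {alert['last'].time()}")
```

Clearing the window after an alert is a design choice of this sketch: without it, every further failure in the same burst would raise another alert.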
All of the events, alerts, and performance data sent by every agent are copied into both the
operational database and the data warehouse. The operational database is groomed regularly, i.e.,
data more than a few days old is removed. The data warehouse, however, acts as its name
suggests: it's a warehouse for management information, able to store data for a much longer
period.
A management server also sends data to the agents it owns. Most important, the management
server downloads information from management packs to those agents. As described in more
detail later, a management pack defines the events, alerts, and performance data that an agent
sends, along with a great deal more. The management server can also modify an agent's behavior,
such as by telling it to stop sending a specific alert, or ask the agent to run a task.
Finally, it's worth pointing out that direct interaction between managers and agents isn't the only
choice in Operations Manager. Although it's not shown in the diagram above, agents (and even
management servers) can interact with devices such as routers and switches using either SNMP
or the newer WS-Management protocol. This allows Operations Manager to manage more than
just Windows clients and servers, spreading its potential reach to a range of systems and devices.
Operations Manager also provides an option called agentless exception monitoring (AEM) that
allows a management server to be informed of critical problems, such as application and system
crashes, even on machines that don't have Operations Manager agents installed.
User Interfaces
Most often, administrators and operators will interact with Operations Manager via the console.
Based on what she's interested in, an Operations Manager administrator can access specific
views provided by the console. The Event View shows received events, for instance, while the Alert
View shows current alerts. The console also provides a Performance View that displays
performance data (an example of which is shown below), a Diagram View showing the systems in
this managed environment, and more.
The Operations Manager console is a standalone Windows application that communicates with a
root management server. Yet there are situations where a web browser interface is a better choice,
and so Operations Manager also provides a Web console. While not everything that's possible with
the console can be done via this Web interface, a large part of the product's functionality is
available via a browser.
Graphical user interfaces, such as those provided by the Operations Manager console and the
Web console, are most people's preferred choice. Still, there are cases where a command line is a
better option. Some people just prefer this style, but for doing repetitive or automated tasks,
creating a script can be much more efficient than using a GUI. To allow this, Operations Manager
provides a command line interface that uses Microsoft's new Windows PowerShell scripting
technology. The product also provides a software development kit (SDK) interface that allows ISVs
and others to expose the functionality of the Operations Manager user interface in any way they
desire.
Management Packs
The goal of Operations Manager is to help manage machines, applications, and pretty much
anything else in a modern computing environment. Yet effectively managing such different things
requires a great deal of diverse knowledge. How can a single product embody all of this
knowledge? In fact, how can a single company, even one as large as Microsoft, possibly have all of
this knowledge?
The answer is simple: it can't. Instead, the creators of Operations Manager chose to build a
platform capable of using management knowledge created by anybody. The information required
to manage a particular machine, application, or device is expressed in a management pack (MP).
Hundreds of MPs are available, including MPs for operating systems such as Windows Server
2003, Windows XP, and Windows Vista, for applications such as Exchange Server and SQL
Server, and for third-party systems such as Cisco routers. It's also possible to create MPs for
managing custom applications created and used within a particular organization, as described
later.
Each MP embodies specialized knowledge about the technology it describes. Microsoft, for
example, clearly has the most detailed understanding of its products, and so it creates MPs that
make this knowledge available to customers. Other organizations have deep knowledge in other
areas, knowledge that can also be embedded in an MP.
Whatever it targets, every MP includes an SDM-defined model of the thing being managed. Each
of those models can include the following elements:
Rules: define an agent's behavior. The events, alerts, and performance data an agent sends
are determined largely by the rules contained in the MPs installed on that agent's system. A
rule can also cause the agent to perform some action, such as running a script.
Monitors: describe the state of some part of the thing being managed. For example, a monitor
might set its state to red when a disk is more than 90% full, to yellow when the disk is between
80% and 90% full, and green otherwise. A monitor can also send an alert when it changes
state.
Tasks: allow running a PowerShell task, an executable, or a script. Tasks can run either on the
console or on the agent, and they can perform functions such as restarting a failed application.
Discovery rules: specialized rules used to locate automatically the things that can be managed
using this MP.
Views: describe custom aspects of the Operations Manager user interface that are relevant to
the component this MP targets.
To get a sense of how the various components of an MP might work together, it's useful to think
about a concrete scenario. Suppose an application running on some managed system notices that
it lacks sufficient disk space to function. This application writes an event into that system's event log
indicating this, then shuts itself down. The Operations Manager agent on this system continually
monitors the event log, and so it quickly notices this event. The MP for this application contains a
rule that causes a specific alert to be sent to the management server when this event occurs. The
operator sees the alert in the Operations Manager console, and he also sees the MP-provided
knowledge associated with this alert. Reading this knowledge, he learns that he should direct the
agent to run a task that deletes the tmp directory on the application's machine, then restarts the
application. This entire process, from detection of the problem to its ultimate resolution, depends on
the information contained in the MP.
In effect, the rules and monitors in an MP define a health model for the component this MP targets.
MPs can have relationships with other MPs, allowing the overall health of a Windows server, for
example, to depend on the health of various things on that server, such as key Windows services,
the machine's disks, its network card, and more. Similarly, the health of a distributed application
might depend on the state of each of its components. The health of these components, in turn,
might depend on the state of still other components. Problems anywhere in this hierarchy can
bubble up to the top, allowing a single unified view of a system's overall health.
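An added sketch (not Operations Manager code or management pack syntax) of the disk monitor thresholds and the health hierarchy described above. It assumes a worst-state rollup as the way problems bubble up; the class names, component names and disk readings are constructed.

```python
GREEN, YELLOW, RED = 0, 1, 2  # ordered so that max() picks the worst state
NAMES = {GREEN: "green", YELLOW: "yellow", RED: "red"}


def disk_state(percent_full):
    """Thresholds from the text: red above 90% full, yellow from 80% to 90%."""
    if percent_full > 90:
        return RED
    if percent_full >= 80:
        return YELLOW
    return GREEN


class DiskMonitor:
    """Tracks one disk and reports state changes, the point where a monitor can alert."""

    def __init__(self, name):
        self.name = name
        self.state = GREEN

    def update(self, percent_full):
        previous, self.state = self.state, disk_state(percent_full)
        if self.state != previous:
            return f"{self.name}: {NAMES[previous]} -> {NAMES[self.state]}"
        return None  # no state change, so nothing to alert on


class Component:
    """A node in the health model: its own monitors plus the things it depends on."""

    def __init__(self, name, monitors=(), children=()):
        self.name = name
        self.monitors = list(monitors)
        self.children = list(children)

    def health(self):
        # Assumed rollup policy: a component is as unhealthy as its worst part.
        states = [m.state for m in self.monitors]
        states += [c.health() for c in self.children]
        return max(states, default=GREEN)

    def causes(self, prefix=""):
        """Paths to every non-green monitor, so a rolled-up state can be traced."""
        path = prefix + self.name
        found = [(f"{path}/{m.name}", NAMES[m.state])
                 for m in self.monitors if m.state != GREEN]
        for child in self.children:
            found += child.causes(path + "/")
        return found


def build_mail_service():
    """Constructed hierarchy: a distributed application that depends on two servers."""
    disks = {n: DiskMonitor(f"disk-{n}") for n in ("C", "D", "E")}
    app = Component("mail-service", children=[
        Component("MAILSRV01", monitors=[disks["C"], disks["D"]]),
        Component("DBSRV01", monitors=[disks["E"]]),
    ])
    return app, disks


def run_demo():
    """Feed constructed readings in order; record alerts and the app's rolled-up state."""
    app, disks = build_mail_service()
    readings = [("C", 45), ("D", 85), ("E", 93), ("E", 95), ("E", 70)]
    alerts, history = [], []
    for disk, percent_full in readings:
        change = disks[disk].update(percent_full)
        if change:
            alerts.append(change)
        history.append(NAMES[app.health()])
    return alerts, history, app.causes()


if __name__ == "__main__":
    alerts, history, causes = run_demo()
    print("state-change alerts:", alerts)
    print("application health after each reading:", history)
    print("remaining causes:", causes)
```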
Service Monitoring
One of the most interesting aspects of Operations Manager is its ability to manage complete
distributed applications as well as the systems they run on. Referred to as service monitoring, this
allows an administrator to monitor, say, the various software that provides an organization's email
service, or perhaps a custom distributed application. Since applications are what users really care
about, it makes sense to provide the ability to monitor and manage them directly.
Each service that's monitored (i.e., each distributed application) must first be defined. To do this, an
administrator uses the Distributed Application Designer. This tool is accessed through an Authoring
view in the Operations Manager console, and it allows an administrator to specify the various
components that make up the complete application. These components might include the
database server it uses, the application logic, a web server, and more. This tool then generates an
MP for the distributed application as a whole, which can be used like any other MP. To make it
easier to describe an application, even for someone who's not a management specialist, the tool
includes templates for typical applications. The goal is to allow end-to-end monitoring of both the
distributed application and the systems it depends on.
Reporting Services
Effective management requires understanding the managed environment. Regular reports are a
useful way to give people this understanding. Accordingly, an Operations Manager user can
access the product's reporting server to define and generate a variety of reports.
The Operations Manager reporting server is based on SQL Server Reporting Services, a standard
component of SQL Server 2005, and it allows generating reports based on data in the data
warehouse. A number of standard reports are defined, tracking events, alerts, performance, and
more, that can be run against specific sets of data. MPs can define reports, too, as can the people
who use Operations Manager.
System Center Operations Manager 2007 is a cornerstone of the System Center family. While it
doesn't solve the entire problem of management (no single product could reasonably do this), the
services Operations Manager provides are central to managing a distributed environment.
Organizations that choose the System Center path should prepare to invest some time in
understanding this fundamental technology.
Much like Operations Manager, a Configuration Manager server communicates with Configuration
Manager agents that run in each managed machine. The server relies on a database containing
policies and more. These policies are downloaded to the Configuration Manager agents, where
they're used to control the configuration-related behavior of each managed system. To better
organize their interactions with agents and people, Configuration Manager servers implement
several different logical roles, including those of management point, distribution point, reporting
point, and others. Multiple roles can be provided by a single server, as shown above, or different
Configuration Manager servers can implement different roles. Administrators interact with all of this
via the Configuration Manager console.
Servers and Agents
Configuration Manager servers can run on Windows Server 2003 or Windows Server codename
Longhorn, while Configuration Manager agents are available for all client and server versions of
Windows from Windows 2000 SP4 on. To spread the load of interacting with agents in larger
environments, Configuration Manager allows creating hierarchies, with a primary server and one or
more secondary servers. Secondary servers need not have their own database, which reduces
both administrative overhead and cost. This option might make sense, for example, when a branch
office needs to have its own Configuration Manager server but doesn't have dedicated
management staff. An administrator can also take control of a client or server machine using
Configuration Manager's Remote Tools, making it easier to diagnose and fix configuration
problems.
Software Deployment and Update
Deploying and updating software on managed systems is perhaps Configuration Manager's most
fundamental responsibility. It can remotely install both applications and operating systems,
including the initial installation of an operating system on a bare metal machine. Once software is
installed, Configuration Manager can apply patches and other kinds of updates to it. The software
that's installed and updated can be licensed from Microsoft, provided by another software vendor,
or created internally within an organization.
The basic process of deploying and updating software relies on a management point (MP), a
distribution point (DP), and policies. A Configuration Manager agent gets one or more policies from
an MP, then interacts with that MP based on those policies. For example, a policy might instruct the
agent to install Office 2007 at 11 pm tonight, reporting the installation's progress to the MP. To
perform this installation, the agent communicates with a DP to get the Office 2007 binary. This
binary is transferred to the agent from the DP using the Background Intelligent Transfer Service
(BITS). This mechanism attempts to avoid disrupting the person using the target system by
pausing when the managed system's CPU is busy, then going full speed when it's not.
Configuration Manager also includes an option called Wake on LAN, allowing a system that's
hibernating or even shut off to be powered on, updated, then returned to its previous state. Doing
this can help organizations save money by turning off machines at night while still allowing them to
have new software applied. And to support branch offices without requiring them to run their own
Configuration Manager server, a branch office distribution point can be installed on a desktop
machine. This specialized DP can contact a Configuration Manager server elsewhere in the
organization when required to download software that's needed by systems in this branch office.
The ability to install both client and server operating systems is an important aspect of the service
that Configuration Manager provides. (Operating system installation is also possible with SMS
2003 using a feature pack, which is a packaged set of extensions to the product.) To install an
operating system on a bare metal machine, a Configuration Manager server implements a
pre-execution environment (PXE) point. To install a new operating system on a currently functioning
system, a Configuration Manager server provides a state migration (SM) point that can store the
target machine's settings remotely while that machine is updated to a new operating system.
Configuration Manager supports image-based deployment of operating systems, building on the
improved support for this style of deployment in Windows Vista. On desktop machines,
Configuration Manager can deploy Windows Vista, Windows XP, or Windows 2000 SP4. On server
machines, the product can be used to deploy Windows Server 2003 or Windows Server codename
Longhorn. All of these operating systems are deployed using a common administrative interface,
making the process simpler for the people doing it.
Another problem addressed by Configuration Manager is supporting mobile devices. To help
address this, updates can be applied via wireless communication or over the Internet. Just as
important is the challenge of ensuring that devices attached to a network, such as laptop
computers, have the correct updates installed. Without this, a newly attached laptop might
introduce problems into an otherwise tightly controlled environment. Network Access Protection
(NAP), a new capability in Windows Server codename Longhorn, addresses this problem. When
a laptop accesses the network, the system can determine whether key updates as defined by a
Configuration Manager administrator have been made to this machine. If not, the machine is
quarantined until Configuration Manager applies those updates.
Desired Configuration Monitoring
Policies are fundamental to how Configuration Manager performs its tasks. By defining the right
policies for the right machines, an administrator can ensure that those machines have the
applications, updates, and patches that she wants them to have. Another option, known as
Desired Configuration Monitoring, allows using policies to define a model of what the configuration
should be on each managed system. This model is expressed in SDM, and it's defined as a group
of configuration items (CIs). Configuration models can be defined by the creator of an application,
by a local administrator, or in some other way. However it's defined, the administrator can
customize the model using an editor that's similar to the Outlook rules editor. Among other things,
the CIs in a configuration model can define specific settings in a machine's registry, in the Internet
Information Services (IIS) metabase, in a SQL Server configuration, and more. This allows an
administrator to express requirements such as "Office XP SP2 should be installed" or "IIS should
use Integrated Windows Authentication".
Once a configuration model is defined, it's downloaded to managed systems as a policy like any
other. The Configuration Manager agent can now monitor the system it's running on based on this
model. When something goes out of compliance, the agent informs a Configuration Manager
server, which can in turn inform an administrator that something is wrong. As the pre-release
example screen below shows, it's also possible to display a summary of configuration compliance
across multiple machines. The idea is similar to the health model concept used in Operations
Manager, and the underlying approach is the same: model-based management.
Asset Intelligence
Installing and updating software is an important part of configuration management, but it's not the
whole story. Another useful service is the ability to acquire current information about what hardware
and software is installed. Microsoft calls this asset intelligence, and providing this service is another
of Configuration Manager's responsibilities. Using this capability, an administrator can generate
reports showing what operating systems, applications, and updates are installed on all machines,
reconcile purchased licenses with installed copies of licensed software, and more.
Like software installation and updating, asset intelligence relies on policies. A policy might, for
example, instruct a Configuration Manager agent to send the MP a complete inventory of its
installed software and hardware once a day. Policies can also be defined that cause an agent to
inform an MP of exactly which applications are running on the managed system at a particular
time, something that can be useful for tracking software licenses.
Reporting Services
Like Operations Manager, Configuration Manager allows its users to create and run reports. Doing
this relies on a server acting in the reporting point (RP) role. The product provides standard reports
that can be run against the information maintained in the Configuration Manager database, and it
also allows creating custom reports. Unlike Operations Manager, however, this reporting is not built
on SQL Server Reporting Services. Instead, Configuration Manager provides its own technology
for creating and running reports.
An Aside: The Role of Windows Server Update Services
Through Microsoft Update, any Windows user with an Internet connection can get updates to
Microsoft software such as Windows XP and Microsoft Office. While directly contacting the
Microsoft Update service makes sense for the typical home user, it's less attractive for enterprises.
In a managed environment, administrators commonly want to know, and control, exactly which
updates are installed on every machine. Yet relying on Microsoft Update to provide these is still
attractive. What's the solution?
One option is to use Windows Server Update Services (WSUS). A WSUS server, which is included
with Windows Server 2003, can access Microsoft Update, then install any updates it finds via the
WSUS clients on affected machines. Doing this lets administrators control how, when, and even
whether those changes are applied. It also eliminates the need for each individual Windows
system to communicate directly with Microsoft Update.
To provide a unified approach, Configuration Manager 2007 relies on WSUS 3.0 for detecting
patches made available through Microsoft Update. Administrators don't need to interact directly
with a WSUS server to do this, however. Instead, Configuration Manager provides these services
through its own user interface.
The Service Desk server, shown in the center of the figure, can execute workflows implementing
management processes. Exactly which workflows are available (and more) is determined by the
solution packs installed for this server. To interact with these workflows and to perform other tasks,
end users can access Service Desk via a web-based self-service portal. IT professionals
primarily use the Service Desk console, although they can also use a web-based IT portal for
some tasks. As the figure shows, workflows can interact with other software, such as Operations
Manager and Configuration Manager, to carry out their functions. Because all of these processes
depend on information about the IT environment, Service Desk also includes a Configuration
Management Database (CMDB) that stores information about the IT assets in the environment and
the relationships among them. Finally, to allow reporting and analysis, historical information about
the tasks performed by Service Desk is stored in a separate database known as the data
warehouse.
Service Desk Workflows
Best practices for ITSM aren't difficult to find. Both ITIL and the more Windows-oriented Microsoft
Operations Framework (MOF) describe processes for incident management, change
management, and other areas. The hard part is actually putting those processes in place, then
making sure that they're followed. The automated workflows included with Service Desk are
meant to make it easier to achieve this goal. Those workflows include:
Incident Management: defines a process for restoring normal service as quickly as possible
after an interruption. A crashed server might need to be rebooted, for example, or an
application restarted after an unexpected failure. Incident Management doesn't attempt to
diagnose the underlying problem, but instead focuses solely on getting things back to normal.
Problem Management: provides a process for finding and fixing the fundamental problem
that's causing one or more incidents. Incident Management takes a short-term view (get
things running again without worrying about the root cause) while Problem Management
attempts to get to the bottom of the problem. Separating these two activities reflects the end-user
focus of ITSM, since restoring normal service after an incident isn't delayed while a
potentially time-consuming hunt for the root problem is carried out.
Asset Lifecycle Management: defines a process for managing an IT asset from its initial
disposition into an organization to its ultimate removal from that organization. For a PC, for
example, this might include things such as keeping track of the system's owner, its contracts
(e.g., leases, warranties, and maintenance agreements), its memory upgrades, what software
is installed on it, and what licenses that software requires.
Self-Service Provisioning: provides a process that lets an end user make a request, such as
having new software installed, then get that request approved (perhaps through pre-defined
approval policies) and actually have the new bits copied to the user's system.
Workflows can be started either by an end user or by service desk staff. A user might start an
Incident Management workflow when she reports a problem via the Service Desk self-service
portal, for instance, or kick off the Self-Service Provisioning workflow if she requires new software
installed on her machine. If the user chooses to call the service desk instead, the service desk staff
might initiate the same workflows based on information the user supplies.
Workflows can also be started by other software. Operations Manager might automatically initiate
an Incident Management workflow in response to an alert, for instance, or the Self-Service
Provisioning workflow might instruct Configuration Manager to install a patch on a particular
system. Service Desk also exposes a web services interface that allows third-party software to
start and communicate with workflows.
Exactly which Service Desk workflows are available depends on which solution packs are
installed. Service Desk will ship with standard solution packs that implement the processes just
described, and third parties can create solution packs that address particular areas. Broadly
analogous to Operations Manager's management packs, each solution pack groups together the
things required to support a particular aspect of ITSM, such as a workflow and a group of forms
that allow users to interact with that workflow. (The workflows are built on Windows Workflow
Foundation, while forms are defined using InfoPath.) Solution packs can also include other things,
such as reports, Web Parts for the Windows SharePoint Services-based self-service portal, and
more.
The screen shot below shows an early version of the Service Desk console. The panel on the left
illustrates standard solution packs, including Incident Management, Change Management, and all
of the others described earlier. Any other solution packs that are installed would show up here as
well. Service desk staff can also track the status of in-progress workflows through this console,
giving them a current picture of where each one stands.
Work items identifying incidents, change orders, and other management tasks.
Relationships among these items. For example, an email service consists of a group of
applications, servers, databases, and more. The CMDB can maintain information about how
all of these components are related. Using Active Directory, it can also associate individual
users with the services they rely on.
Having a single place to store this information allows taking a centralized approach to ITSM. Some
of this information, such as work items, is generated within Service Desk itself, while other parts
are created elsewhere. As described earlier, for instance, configuration items are an important part
of the data maintained by Configuration Manager. This means that the Service Desk CMDB must
connect to other databases in the managed environment to get all of the information it needs.
Along with the CMDB, Service Desk provides the data warehouse shown earlier. Service Desk
builds on SQL Server Reporting Services to allow its users to create and view reports on the
information in this warehouse. Along with more traditional reports, Service Desk reporting
supports analytical views based on cubes and other kinds of data aggregation.
An ITSM-based approach has become fundamental to modern management solutions. Without it,
there's often no consistent set of policies and procedures for IT professionals to follow when
managing the IT infrastructure, nor is there typically a clear focus on the end user. The goal of
Service Desk is to help make ITSM a reality in the System Center environment.
Unlike tape backup, Data Protection Manager captures every change made to a file when that
change occurs. These changes are stored locally on the file server, then sent by the Data
Protection Manager agent to the Data Protection Manager server according to an administrator-defined
schedule, such as once an hour. Sometimes referred to as near-continuous data
protection, this approach is significantly better than traditional once-a-day backups (and it's infinitely
better than having no backup policy at all). For data with less stringent backup requirements, Data
Protection Manager can also be configured to back up files at other intervals, such as once a day.
And for long-term or offsite storage of backup data, Data Protection Manager itself can be
connected to a tape backup system.
Once data has been backed up, it can be restored on demand. If an end user requests recovery of
a lost file from an organization's service desk, for example, the Data Protection Manager
administrator console can be used to locate and restore the file. Data Protection Manager also
allows end users to do file recovery themselves, providing an option that integrates recovery
directly into Microsoft Office applications. This lets users recover previous versions of a backed-up
document without intervention by IT staff.
To help administrators understand what's happening with backups, Data Protection Manager
provides a set of reports. A MOM 2005 management pack is also available, allowing Data
Protection Manager to send events, alerts, and more to the MOM console. And for organizations
looking for a packaged solution, Microsoft partners such as Fujitsu Siemens, HP, and Quantum
provide products that include both Data Protection Manager and the hardware required to run it.
Because it targets file servers, Data Protection Manager 2006 backs up files rather than
databases. Accordingly, it can't be used to back up SQL Server data or information in applications
that rely on SQL Server, such as Exchange Server and Windows SharePoint Services. The next
version of Data Protection Manager, scheduled to be released in the second half of 2007,
addresses these limitations. This version of the product also adds stronger support for moving
backup data stored on a Data Protection Manager server to tape.
Near-continuous data protection of Windows file servers addresses an important problem, one
that's faced by many organizations. Data Protection Manager, part of the larger System Center
family, is Microsoft's solution to this problem.
The figure above shows the product's major components. The System Center Essentials server
communicates with System Center Essentials agents for monitoring and update. Essentials relies
on management packs, as in Operations Manager, and it uses both an operational database and
the WSUS database. All of this is accessed via the System Center Essentials console.
Midsize organizations that today use both MOM 2005 and SMS 2003 might choose instead to
move to Essentials once it's available. It will also be possible in the future to remotely manage an
organization's computing environment by accessing an Essentials server from the Operations
Manager console across the Internet. The goal of this option is to let smaller firms more easily
outsource management of their systems.
Using Essentials, an administrator can perform most of the tasks that are possible with Operations
Manager, including the following:
View events, alerts, and performance data from managed clients, servers, and hardware
devices such as routers. Any Operations Manager management pack can be used with
Essentials, and Essentials also includes a group of management packs tailored for midsize
businesses.
Use the knowledge and tasks in management packs to diagnose and repair problems.
Generate reports on availability trends, billing, and more. Like Operations Manager, Essentials
reporting is based on SQL Server Reporting Services, and it includes both pre-defined reports
and the ability to create custom reports.
Essentials also provides a significant superset of the functionality available in WSUS 3.0. Using
Essentials, an administrator can:
Install and uninstall applications on managed clients and servers. An organization might use
Essentials to deploy Microsoft Office, for example, or to distribute EXEs or MSI files containing
custom applications.
Distribute software updates and patches, whether received from Microsoft Update or supplied
locally.
Maintain an inventory of software and hardware assets. An administrator can create and view
reports on this information through the Essentials console, obviating the common practice in
smaller organizations of maintaining asset inventory in spreadsheets.
To be more approachable for the IT generalists it targets, the Essentials console provides an
uncomplicated user interface. As the screen shot below illustrates, for example, this interface can
provide an overview of a managed environment that includes monitoring status, software
deployment status, available reports, and more. The goal is to help its users do their jobs as
effectively as possible.
Like the Operations Manager management server, the Essentials server runs only on Windows
2003 Server and Windows Server codename Longhorn. Similarly, Essentials is able to manage
the same set of clients, servers, and other devices that Operations Manager supports. And while
Essentials can perform the lion's share of what's possible with Operations Manager and
Configuration Manager, its focus on smaller environments means that the product is also restricted
in some ways. Among the most important of these restrictions are the following:
The licensing model limits the environment Essentials can manage to no more than 500
desktops.
Although it does significantly more than WSUS 3.0, the configuration capabilities of Essentials
are more limited in some ways than what's provided by Configuration Manager. Essentials
can't install an operating system on a machine that doesn't already have one, for example, nor
can it use the SDM-based Desired Configuration Monitoring.
The reporting capabilities supplied with Essentials are more limited than those in Operations
Manager. Essentials has no separate data warehouse, for example, and so historical data
can't be maintained for long periods.
Unlike Operations Manager and Configuration Manager, Essentials can't automatically interact
with System Center Service Desk.
Despite these limitations, organizations that rely on IT generalists for system management tasks
might find Essentials an attractive choice. While bigger firms will be better off using the combination
of Operations Manager and Configuration Manager, many small and midsize businesses will likely
be happier with Essentials.
As the figure above shows, the process begins when the Operations Manager agent running on
the Exchange server's machine detects that this server process has shut down unexpectedly.
Based on a rule defined in the Exchange Server management pack, this agent immediately sends
an alert to the Operations Manager server (step 1). The Operations Manager server displays this
alert on the Operations Manager console, but as described earlier, the server can also
automatically ask Service Desk to start an Incident Management (IM) workflow to address this
problem (step 2). Like other Service Desk workflows, this one interacts with the service desk staff,
who determine that this Exchange server requires a patch (step 3).
To install this patch, the service desk employee who's handling this incident starts a Change
Management (ChM) workflow (step 4). This workflow contacts the Configuration Manager server,
requesting it to install the correct patch for this Exchange server (step 5). The Configuration
Manager server then causes the Configuration Manager agent on the Exchange server's system to
download and install that patch (step 6).
The figure above shows the rest of the process. Once the patch is installed, the Configuration
Manager agent informs the Configuration Manager server of the successful installation (step 7),
which in turn informs the Change Management workflow (step 8). The Change Management
workflow informs the Incident Management workflow that the problem has been resolved, then
shuts itself down (step 9). The Incident Management workflow next informs the Operations
Manager server of the resolution, allowing this server to close the alert (step 10), then shuts itself
down. Finally, the Operations Manager server tells the Operations Manager agent on the
Exchange server's system to run a task (defined by the Exchange Server management pack) that
restarts the patched Exchange server (step 11). Everything that happens (the initial alert, the two
workflows, and the patch) is captured in various databases throughout these products, adding to
the historical store of knowledge maintained about the systems in this organization. This
knowledge can be used to improve the SDM models maintained by each of these three System
Center products.
This scenario doesn't involve every product in the System Center family. System Center Essentials
isn't used, for instance, since it's intended to provide a unified solution for smaller organizations. Yet
it's entirely possible that other System Center products are used in this environment. Data
Protection Manager might be used to back up the data on this organization's Windows file servers,
for example, and any virtual machine-based server consolidation might rely on Virtual Machine
Manager. Similarly, Capacity Planner may well have been used to size the Exchange installation
shown here. The diverse problems of system management require diverse solutions, and so the
System Center family contains a varied set of tools.
Conclusion
Even with the best tools, managing a complex distributed environment isn't easy. Yet the quality of
an organization's management software, and how well it works together, can make a significant
difference in system availability and management cost. Keeping an organization running means
keeping that organization's systems running, and so using the right tools to do this makes obvious
business sense.
The System Center family encompasses a group of technologies focused largely (although not
entirely) on managing Windows systems. Wherever possible, the members of this family use a
standard, model-based approach, allowing a common description of the systems being managed.
Especially for organizations with a significant investment in Windows, System Center can provide
the right foundation for managing their computing world.
System Center:
http://www.microsoft.com/systemcenter