Chapter 1: Introduction to the System Center Suite

Excerpt from Microsoft System Center Enterprise Suite Unleashed

1 2 3 4 5 6 7 8 Page 7
Page 7 of 8
  • Device provisioning—MDM helps administrators provision or set up a mobile device for users. Beyond just creating a user profile for the mobile device user to access and synchronize their emails and contacts, MDM’s process of provisioning helps IT personnel lock down the device, uninstall unnecessary applications, encrypt content on the mobile device, enforce security on the mobile device, and provide secured (VPN) access from the mobile device into an organization’s business resources.

  • Device inventory and tracking—MDM also keeps track of mobile devices by keeping track of device serial numbers, validating that the device still exists and is active in the environment, and transferring serial numbers and asset tag information between users when a device changes from one individual to another in an organization.

  • Active updates and device management—MDM also has the ability to push updates to a mobile device. Although many organizations pay little attention to the patching and updating of mobile devices in the enterprise, with the proliferation of mobile devices and the complexity of the software and applets available for mobile users to install and use on their mobile devices, performing periodic patching and updating of devices is critical. MDM provides the mechanism to update systems “over the air.”

  • Password and PIN control—The password and PIN control configuration options allows for changing security settings of mobile devices all from the centralized MDM console.

  • Self-service management—The self-service management function of MDM, shown in Figure 1.17, allows a user to self-enroll new devices and submit requests for management options for their mobile device in a self-service web portal screen.

  • Figure 1.17

    Self-service enrollment capabilities of MDM.

  • Device wipe and deprovisioning—If a user loses their mobile device, MDM can send a “poison pill” to the device and wipe the data off the device and completely reset the device’s configuration. This is important as a user who loses their device with sensitive emails or confidential file data is subject to the same laws and regulations that protect privacy of protected data, and as such, organizations need a process where device security can address laws and regulations around data protection.

Background on System Center Mobile Device Manager

System Center Mobile Device Manager has been available for the past couple of years initially as a tool to simply provision and deprovision mobile devices. With the release of System Center Mobile Device Manager 2008 SP1, more functionality was added to better help administrators manage and support mobile devices in the enterprise. Mobile Device Manager today supports managing Windows Mobile v6.1 or higher devices utilizing Active Directory 2003 or Active Directory 2008 with specific policy push and security management control capabilities that organizations can leverage in their process to keep mobile devices managed and protected similar to servers and other client systems in the environment.

What to Expect in the System Center Mobile Device Manager Chapter

In this book, a single chapter is dedicated to the System Center Mobile Device Manager product. Chapter 18, “Using Mobile Device Manager to Manage Mobile Devices,” covers what’s in MDM, how administrators can install MDM, best practices at creating MDM policies, and how users can take advantage of MDM to self-service manage and support their mobile devices.

System Center Mobile Device Manager 2008 SP1 is a very helpful product for organizations looking to manage their Windows Mobile devices. Jump to Chapter 18 of this book for specific information and deployment and configuration guidance on how MDM can be best leveraged in your enterprise.

Understanding System Center Essentials

System Center Essentials is a standalone product focused on midsized organizations with fewer than 500 users and 50 servers. Rather than setting up a full-blown version of System Center Configuration Manager to patch and update systems, a full-blown version of System Center Operations Manager to monitor systems, and a full-blown version of Virtual Machine Manager to manage virtual guest sessions, System Center Essentials includes all of the major features in a single package.

The System Center Essentials 2010 console, shown in Figure 1.18, provides the main menu for all of the features and functions in Essentials 2010.

Figure 1.18

System Center Essentials console.

Business Solutions Addressed by System Center Essentials

For midsized organizations with limited personnel, the thought of setting up three or four management tools and then managing the management tools places the organization in the challenging situation of having management tools take more to manage than supporting the actual servers and systems themselves. Effectively, System Center Essentials helps organizations focus on managing the applications and not on managing the management tool.

System Center Essentials 2010 allows the administrator to complete business-critical tasks. One such task is tracking servers and system assets, as well as administering and managing systems. To shorten the time from deployment to simplified management, System Center Essentials has built-in wizards that help an administer set up and perform key tasks faster and easier. With a limited set of features, IT personnel can focus on key management factors, not become loaded down with a lot of large, enterprise-focused features not used by smaller businesses.

Major Features of System Center Essentials

System Center Essentials 2010 is an incredible tool that required Microsoft to make hard choices on what features to include that are valuable to administrators of small and midsized enterprises, but not overwhelm the administrators with too many features and functions that take away from the simplistic goals of the product. Some of the major features in the product are as follows:

  • Asset tracking—All organizations, large or small, need to know what assets the organization has as well as keep track of the assets. System Center Essentials inventories systems in the environment and tracks the inventory so that when systems are added or inventory is removed, the administrator is notified.

  • Patching and updating—Any organization hit with a virus or worm knows that patching and updating systems on a regular basis is critical. System Center Essentials provides an automatic mechanism to identify systems and keeps those systems patched and updated.

  • Software distribution—The ability to push out new software or even push out service packs or updates is a core component of SCE. Although patches and updates are typically small file updates, software distribution involves scheduling and managing larger updates, such as 80MB service pack updates or 300MB product upgrades. SCE has the ability to package up applications and automatically push them to managed systems in the environment.

  • Remote support—When a user has a problem with their system, the last thing an IT staff member needs to do is get up, track the user down, and provide face-to-face support when all the user does is sit and look over the IT personnel’s shoulder. Instead, SCE provides remote-support capabilities so that the IT help desk or support individual merely launches a remote-control agent and takes control of the user’s system to provide remote support and assistance.

  • Proactive monitoring and alerting—Essentials 2010 monitors servers and generates alerts and proactively resolves system problems based on actual user experience. The monitoring notifies the IT administrator when problems occur. The monitoring screen is shown in Figure 1.19.

  • Figure 1.19

    Server monitoring in System Center Essentials.

  • Virtual host management—As organizations of all sizes are virtualizing their servers, SCE has the virtual host management capabilities of Virtual Machine Manager built in. This feature in SCE allows an administrator to manage and support virtual guest sessions right from the SCE console.

  • Physical-to-virtual (P2V) conversions—One of the most commonly used features in the full-blown System Center Virtual Machine Manager product is the P2V function. P2V converts a physical server in an environment to a virtual guest session.

  • Reporting—Lastly, SCE has critical reporting capabilities built in so that reports can be generated and printed on network assets, the patch and update status of systems, service-level agreement uptime reports, access and password violation tracking reports, and the like. These reports are necessary for an organization to understand the status of systems and security in the environment, and when required by auditors or regulators, to have the information immediately available to share with the proper authorities.

Background on System Center Essentials

System Center Essentials is a relative newcomer to the System Center family of products with the initial release coming out only in 2007. The product has not drastically changed since the 2007 release, other than the update and addition of more components into the product to have the current version of the product. System Center Essentials 2010 supports the capabilities of the 2007 edition plus the addition of virtualization management.

The whole premise of the product was to make a simplified set of tools an administrator could leverage to help them manage servers and client systems in the enterprise. The core components that provide system inventory, patching, updating, monitoring, and alerting are the core components in Essentials 2007 and are carried over to Essentials 2010.

The biggest improvements in the product have been the addition of new wizards and automated process controls that continue to simplify the use and administration of the product.

What to Expect in the System Center Essentials Chapter

In this book, a single chapter is dedicated to the System Center Essentials 2010 product. Chapter 19, “Using System Center Essentials for Midsized Organizations,” covers everything from how to install and configure SCE to the use of SCE 2010 for patching, updating, distributing software, monitoring, alerting, and managing virtual systems.

System Center Essentials 2010 is an excellent tool for organizations with fewer than 500 users and 50 servers to get all of the key benefits found in the other Microsoft System Center products, but from a single server installation and console. Jump to Chapter 19 of this book for specific information and deployment and configuration guidance on how SCE can be best leveraged in your enterprise.

Understanding System Center Licensing

System Center is sold and licensed as individual products or as a suite with several System Center components bundled together. It is always best to visit the Microsoft website (http://www.microsoft.com/systemcenter/en/us/pricing-licensing.aspx) to best understand the current licensing scheme as the licensing model changes, or better yet, contact a licensing specialist who can provide information on special discounts that apply based on your organization’s purchasing and licensing contract.

However, in general, the core System Center products, including System Center Configuration Manager, System Center Operations Manager, System Center Data Protection Manager, System Center Virtual Machine Manager, and System Center Service Manager, are all sold as a server license along with a client access or operating system environment license.

The server license is typically the main license for the application itself. As an example, SCCM and SCOM require a server to host the software, and, thus, the server itself needs to have an SCCM or SCOM server license. Likewise, SCCM and SCOM also have client systems associated with the servers that are managed; in the case of SCCM, which patches, updates, and manages workstations, an SCCM client license is required for each client system under management. For SCOM, because frequently it is a server that is being monitored and managed, the SCOM client license is actually a management license for the target server being managed.

In the case of System Center Virtual Machine Manager, there are no specific “clients” associated with the product, only virtual host servers and virtual guest sessions. Microsoft uses what they call an operating system environment (OSE) license as the target destination license for VMM.

Core Client Access Licenses

For products that have client access licenses like SCCM, Microsoft bundles licenses within their client license platform. As an example, organizations that have a core client access license, or CoreCAL, that provides them rights to use Windows, standard Exchange features, and standard SharePoint features, the CoreCAL also includes a license for SCCM. Pretty much every mid- and large-size enterprise has an enterprise agreement with the CoreCAL and, as such, these organizations already own the client license for SCCM. All the organization needs to do is purchase a server license for SCCM to be able to set up a full SCCM-managed environment.

Server Management Suite Volume Licensing

For products where Microsoft licenses the products based on servers, an organization can purchase a Server Management Suite license. More details on Server Management Suite license are available at http://www.microsoft.com/systemcenter/en/us/management-suites.aspx.

But, in general, there is the System Center Server Management Suite Enterprise (SMSE) and the System Center Server Management Suite Datacenter (SMSD) licenses. The SMSE provides a license in an environment where virtualization is used where the SMSE license covers the licensing of System Center Configuration Manager, System Center Operations Manager, System Center Data Protection Manager, and System Center Virtual Machine Manager for the physical host server as well as up to four virtual guest sessions on the system running System Center products.

The SMSD license covers all of the same System Center products, but for a flat fee per processor, it covers ALL of the guest sessions running on a single physical host server.

Microsoft has several discount levels on licensing and it is best to discuss the licensing requirements as well as specific license pricing with an organization that can assess the licensing pricing level of your organization.

Summary

This first chapter of the book was intended to provide you, the reader, with a background of the various System Center products available, how the products fit into the management scheme of an organization, and what to expect in the subsequent chapters in this book.

Overall, the life cycle in an enterprise has a system operating system deployed on a system using System Center Configuration Manager that also patches and updates the system and keeps the system in a standardized configuration. The System Center Operations Manager product then monitors the system, whether a server or a client system, and proactively alerts administrators of any pending problems.

The System Center Data Protection Manager backs up server and application data and provides the ability for the administrator or even an end user to recover information based on as little as 15-minute increments of time. In addition, the System Center Virtual Machine Manager product helps to manage physical and virtual server systems, including the conversion of physical systems to virtual guest sessions as well as intelligently placing guest sessions on physical servers with the most available capacity.

The overall tool that helps an organization manage their environment is the System Center Service Manager that provides incident management, change control, and consolidated reporting for servers and client systems within the environment.

1 2 3 4 5 6 7 8 Page 7
Page 7 of 8
IT Salary Survey: The results are in