Cloud & Datacenter Management Microsoft System Center 2012 provides a common toolset to manage infrastructure and applications across

private, hosted, and public clouds, helping IT: • Create a uniform, self-healing IT fabric from existing assets for dynamic, self-service allocation across business units. • Deliver predictable application service levels with 360-degree monitoring, deep insight, and integrated developer operations. • Optimize applications’ use of datacenter, hoster, and Windows Azure capacity with lowfriction migration, all managed from a single pane of glass.

O Microsoft System Center 2012 fornece um conjunto comum de ferramentas que permitem gerir infraestruturas e aplicações em clouds privadas, públicas e alojadas. O conceito informático de Cloud está relacionado com um outro conceito mais vasto, o Cloud Computing, ou seja computação em nuvem. Este conceito resulta de uma evolução e adopção de tecnologias e paradigmas já existentes e, de uma forma muito simplista, pode definir-se como a utilização de recursos computacionais distribuídos como um serviço através da internet, de forma a permitir aos utilizadores usufruirem dos benefícios de todas essas tecnologias sem a necessidade de um conhecimento aprofundado ou experiência prévia sobre cada um deles. Dois dos objectivos principais deste conceito são precisamente a redução de custos e o permitir aos utilizadores concentrarem-se no núcleo do negócio sem serem impedidos pelos obstáculos inerentes ás tecnologias de informação, as quais irão ser sumariamente descritas mais á frente. Relativamente ás funcionalidades do System Center que integram este conceito de Cloud Computing, pode verificar-se que estas permitem: • Criação de uma malha uniforme de tecnologias de informação a partir de items existentes para uma alocação dinâmica e autónoma ao longo das unidades de negócio; • Distribuição de níveis de serviço de aplicações previsíveis com monitorização 360º, análise aprofundada e operações integradas de desenvolvimento;

Service Delivery & Automation
Overview

specify pricing for each BUIT at different levels of granularity. You can also integrate and extend your existing toolsets and build flexible workflows (or runbooks) to automate processes across your IT assets and organizations. network. and Request Services • • • Enable self-service infrastructure with the self-service portal offered by Service Manager. Automate Processes and Systems Necessary to Fulfill Service Requests . • Provision and allocate pooled infrastructure resources to internal business unit ITs (BUITs) using the Cloud Services Process Pack§ (CSPP) that’s natively integrated into Service Manager. • Chargeback (or showback) storage. you can automate core organizational process workflows like incident management. System Center 2012 delivers the following service delivery and automation capabilities: Standardize Services Provided to IT Service Consumers • Define standardized service offerings by leveraging dependencies in a centralized configuration management database (CMDB). • Publish standardized service offerings through the Service Catalog offered by Service Manager. change management. Empower IT Service Consumers with the Ability to Identify. and release management. Access. Using the Service Manager and Orchestrator components of System Center 2012.System Center 2012 helps you simplify and standardize your datacenter with flexible service delivery and automation. problem management. Set access and resource quota levels on a per-user or per-BUIT basis. • Ensure compliance with pertinent industry regulations and business needs with the IT GRC Process Pack§. Ensure capture and tracking of required service request information. and compute costs to BUITs.

The integrated physical. systems. Integrate and carry forward your existing investments in datacenter management toolsets. Optimize and Extend Existing Investments through Integration • • • Optimize heterogeneous environments with integrated management. Infrastructure Management Overview Microsoft System Center 2012 provides a common management toolset to help you configure. provision. Desired configuration management with automated remediation. Deliver Scalable and Reliable Datacenter Services through Orchestrated Workflows • • Accelerate your time to value with flexible process workflows. If your infrastructure is like that of most organizations. and VMware) with Orchestrator Integration Packs§. virtual. departments. • Automate provisioning of service requests for end-to-end request fulfillment. extend automation to Windows Azure Virtual Machine§ workflows without the need for coding or scripting. you have physical and virtual resources running heterogeneous operating systems. IBM. and public cloud management capabilities in System Center 2012 . • Orchestrate automated workflows across multiple processes. Improve service reliability across multiple tools. Benefits By automating repetitive tasks and standardizing services and configuration. monitor. and operate your IT infrastructure. and departments.• Integrate and extend automation across System Center and third-party management toolsets (including BMC. you can lower your costs and improve service reliability. HP. and systems. private. Lower Costs and Improve Predictability through Standardization and Automation • • • Enable IT resources to focus on work that adds business value. Reduce time to delivery and improve predictability by reducing error-prone manual activities. Centralize collection and reporting for datacenter assets.

• Automatically patch your physical and virtual resources with Configuration Manager and . and cloud resources. • Deliver self-service capability for application owners to request and automate provisioning of new private cloud resources. and endpoint protection with Configuration Manager. Operate Your Infrastructure • Leverage a single console and customizable dashboards in Operations Manager to monitor and manage your physical. • Dynamically optimize virtual resources for load balancing and power efficiency. virtual. Provision Private Clouds • Use "create cloud" functionality in Virtual Machine Manager to aggregate virtual resources running on Hyper-V. vSphere. • Manage VMware vSphere and Citrix XenServer using one interface. and XenServer into a unified private cloud fabric. System Center 2012 delivers the following infrastructure management capabilities: Provision your Physical and Virtual Infrastructure • Support deployment and configuration of virtual servers and Hyper-V with Virtual Machine Manager. • Provision everything from operating systems to physical servers. networking. application.can help you ensure efficient IT management and optimized ROI of those resources. patches. • Protect your physical and virtual resources with Endpoint Protection and Data Protection Manager. • Customize and assign private cloud resources to suit your organization’s needs. • Automatically deploy Hyper-V to bare metal servers and create Hyper-V clusters.

Operations Manager. • Improve network health and availability with central management of your diverse set of network hardware devices. • Leverage integrated views and management across your Windows and Linux/Unix-based operating system environments. • Provide controlled delegation of routine infrastructure provisioning and management tasks. Benefits Unified Management of Existing Infrastructure Investments • Consolidate your virtual resources with a single management solution for Hyper-V. and storage) into dedicated private cloud fabric. VMware and Citrix virtual machines. • Speed up provisioning of new infrastructure resources with automated service catalog requests. • Reduce infrastructure costs with automated power management.Virtual Machine Manager. Application Management Overview Microsoft System Center 2012 offers unique application management capabilities that can empower you to deliver agile. you can deliver "Applications as a Service"— where a "Service" is a deployed instance of a cloud style application along with its associated configuration and virtual infrastructure. predictable application services to your business counterparts. network. software inventory. and software usage metering. • Flexibly scale virtual and cloud resources up or down. • Automatically track and create custom reports for hardware inventory. as needed. Using the App Controller. and Virtual Machine Manager components of System Center 2012. Simplified Management with Process Automation and Standardization • Improve infrastructure availability with automated remediation of errors or alerts. Improved Utilization of Existing Infrastructure • Pool and abstract your datacenter resources (compute. .

Server App-V simplifies application upgrades and maintenance. optimizes your applications for private cloud deployments by abstracting the application from the underlying OS and virtual infrastructure. or on Windows Azure. Diagnosis. You can migrate core applications like Microsoft SQL Server. a unique technology in Virtual Machine Manager. elasticity and scale-out rules. Server App-V. By enabling image-based management. 360-Degree Application Monitoring. and Microsoft SharePoint Server from onpremises environments to Windows Azure with just a few simple mouse clicks. Active Directory. System Center 2012 offers a service-centric approach to help you manage your application components in the context of the holistic business service that it represents. Outside-in monitoring with Global Service Monitor (GSM) and Operations Manager provides you with real time visibility into application performance as experienced by your end-users. health thresholds.NET applications. A service template would typically include specifications for the hardware. System Center 2012 includes the following application management capabilities: Standardized Application Provisioning Virtual Machine Manager offers service templates to help you define standardized application blueprints. Comprehensive Hybrid Application Management App Controller offers your application owners a single view to manage application services and virtual machines. middle tier. whether they are on-premises. Support for multiple package types for Microsoft . Extend your on-premises monitoring experience to Windows Azure with the System Center Monitoring Pack for Windows Azure applications. and Dev-Ops Operations Manager offers deep application and transaction monitoring insight for . App Controller provides the ability to deploy and migrate virtual machines to the Windows Azure Virtual Machine service. . and SQL Server DAC for data tier. and back end with the associated virtual infrastructure that hosts it. including MS Deploy for web tier (IIS). and application packages that compose the service. Microsoft Server Application Virtualization (Server App-V) for application tier. and upgrade rules.Application Management Overview The preceding figure represents a three-tier service with a front end. at service providers. operating system. Specify application configuration requirements like topology.NET applications (and J2EE application servers) and helps you efficiently isolate the root cause of application performance issues down to the offending line of code.

2013 Applies To: System Center 2012 Configuration Manager. Service Provider. Extend familiar on-premises experiences and skills to management of Windows Azure applications.Operations Manager and GSM integrate with Microsoft Visual Studio to facilitate devops collaboration. Deliver operational efficiencies by simplifying application upgrades and maintenance. Remediate application issues faster by optimizing “dev-ops” collaboration. Offers easy-to-use reporting and custom dashboarding with Operations Manager. Deliver Predictable Application SLA through Deep Application Insight Maximize availability and performance for your business critical applications. Simplify Application Delivery through Standardization and Self-Service Optimize time-to-market through self-service application provisioning. Free up on-premises datacenter capacity or ease on-ramp to cloud with application portability from on-premises to Windows Azure. thereby helping you remediate application issues faster. Effectively track and communicate your application SLAs. Fundamentals of Configuration Manager 8 out of 14 rated this helpful . Reduce application deployment errors by introducing consistency and repeatability. Benefits Recognizing that applications power your business.Rate this topic Updated: March 1. Consistent Application Management across On-Premises. Ensure organizational compliance with centralized visibility and control for your IT department. System Center 2012 offers deep application insight that helps you deliver predictable application services. System Center 2012 Configuration Manager SP1 . and Windows Azure Environments Empower your application owners with a single management view irrespective of where their applications reside.

you cannot install additional primary sites that can communicate with one another. This site is either a central administration site or a primary site. you create a Configuration Manager site that is the foundation from which to manage devices and users in your enterprise. you have an arrangement of sites that is known as a hierarchy. see What’s New in Configuration Manager. you can install additional primary sites to manage more devices and to control network bandwidth when devices are in different geographical locations. Sites When you install System Center 2012 Configuration Manager for the first time. If you do not install a central administration site. If you have installed a stand-alone primary site and you later decide to use a central administration site design. The following diagrams show some example site designs. For information about supported operating systems and supported environments. When you install a central administration site. This design change is known as site expansion. you can use the following information to learn about the basic concepts for Microsoft System Center 2012 Configuration Manager before you run Setup or read more detailed information. Configuration Manager SP1 lets you do this. see Supported Configurations for Configuration Manager. A primary site is suitable for smaller deployments and it has fewer options to accommodate any future growth of your enterprise. A central administration site is suitable for large-scale deployments and provides a central point of administration and the flexibility to support devices that are distributed across a global network infrastructure. you can still install one or more secondary sites to extend this primary site when you have to manage a few devices that have a slow network connection to the primary site. If you are familiar with Configuration Manager 2007. By default. and capacity information. you can publish System Center 2012 Configuration Manager sites to Active Directory Domain Services so that Active Directory computers can securely retrieve . When you have more than one site that communicates with one another. the first site that you install is a standalone primary site. Secondary sites extend a primary site to manage a few devices that have a slow network connection to the primary site. you must also install at least one primary site to manage users and devices. However. Site designs Publishing Site Information to Active Directory Domain Services If you extend the Active Directory schema for System Center 2012 Configuration Manager. hardware requirements. Configuration Manager without a service pack does not support this design change until you upgrade the site to Configuration Manager SP1. You can also install another type of site that is named a secondary site. With this design.If you are new to Configuration Manager.

System Center 2012 Configuration Manager site information from a trusted source. When you install a Configuration Manager site. As with all schema extensions. Site system role Description Site server A computer from which you run Configuration Manager Setup and that provides the core functionality for the site. Before you can publish site information. which stores information about Configuration Manager assets and site data. Component server A server that runs Configuration Manager services. this configuration improves the security of your System Center 2012 Configuration Manager hierarchy and reduces administrative overhead. When you install all the site system roles except for the distribution point role. which you cannot transfer to another server or remove without uninstalling the site. you must also create an Active Directory container named System Management in each domain that contains a System Center 2012 Configuration Manager site. The site system roles that provide basic management functionality are described in the following table. Site database server A server that hosts the SQL Server database. Site System Servers and Site System Roles Configuration Manager uses site system roles to support management operations at each site. You must also configure the Active Directory permissions so that the site can publish its information to this Active Directory container. you extend the schema for System Center 2012 Configuration Manager one time only per forest. One of these site system roles is the site server. Configuration Manager automatically installs the component server. You can use other servers to run additional site system roles or to transfer some site system roles from the site server by installing and configuring Configuration Manager site system servers. some site system roles are automatically installed and assigned to the server on which Configuration Manager Setup has run successfully. Each site system role supports different management functions. . Although publishing site information to Active Directory Domain Services is not required for basic Configuration Manager functionality. You can extend the Active Directory schema before or after you install System Center 2012 Configuration Manager.

and boot images. operating system images. Distribution point A site system role that contains source files for clients to download. Site system role Description Application Catalog web service point A site system role that provides software information to the Application Catalog website from the Software Library. The additional site system roles that you might need for specific functionality are listed in the following table. Application Catalog website point A site system role that provides users with a list of available software from the Application Catalog. according to their business requirements and network infrastructure. When companies first deploy Configuration Manager in a production environment. Asset Intelligence synchronization point A site system role that connects to Microsoft to download Asset Intelligence catalog . software packages.Management point A site system role that provides policy and service location information to clients and receives configuration data from clients. such as application content. Reporting services point A site system role that integrates with SQL Server Reporting Services to create and manage reports for Configuration Manager. software updates. Then they install additional site system servers and add new site system roles. they typically run multiple site system roles on the site server and have additional site system servers for distribution points.

information and upload uncategorized titles so that they can be considered for future inclusion in the catalog. Software update point A site system role that integrates with Windows Server Update Services (WSUS) to provide software updates to Configuration Manager clients. Enrollment proxy point A site system role that manages Configuration Manager enrollment requests from mobile devices and Mac computers. Enrollment point A site system role that uses PKI certificates for Configuration Manager to enroll mobile devices and Mac computers. Fallback status point A site system role that helps you monitor client installation and identify the clients that are unmanaged because they cannot communicate with their management point. . Endpoint Protection point A site system role that Configuration Manager uses to accept the Endpoint Protection license terms and to configure the default membership for Microsoft Active Protection Service. and to provision Intel AMT-based computers. Out of band service point A site system role that provisions and configures Intel AMT-based computers for out of band management. State migration point A site system role that stores user state data when a computer is migrated to a new operating system.

Site roles Clients System Center 2012 Configuration Manager clients are devices such as workstations. and configuring settings that are needed for compliance. laptops. It must be installed on a NAP health policy server. You can create your own collections to logically group the devices that you manage. you could use the All Mobile Devices collection.System Health Validator point A site system role that validates Configuration Manager Network Access Protection (NAP) policies. These options include client push installation. Management includes operations such as reporting hardware and software inventory information. servers. which automatically excludes computers. configuração de definições necessárias para conformidade. You can also include the client when you deploy an operating system image. The following diagram shows these basic and additional site system roles that you can add to the site server computer or distribute by installing additional site system servers. Os clientes para o gestor de configuração são dispositivos como plataformas de trabalho (Workstations). you might want to install a mobile device application on all mobile devices that are enrolled by Configuration Manager. Windows Intune connector A site system role in Configuration Manager SP1 that uses Windows Intune to manage mobile devices in the Configuration Manager console. informação de inventário de software. Configuration Manager has discovery methods that you can use to find devices on the network to help you install the client software on those devices. Configuration Manager uses collections to group devices so that you can perform management tasks on multiple devices that share a common set of criteria. instalação de software. servidores e dispositivos móveis que tenham o software cliente do gestor de configuração instalado por forma a que esses dispositivos possam ser geridos. computadores portáteis. and manual installation. A gestão que é realizada ao nível destes dispositivos inclui operações como relatório de hardware. according to your business requirements. If this is the case. Group Policy. and mobile devices that have the Configuration Manager client software installed so that you can manage them. software update-based installation. For example. User-Centric Management . installing software. Configuration Manager has several options to install the client software on devices.

Because Application Catalog is a website that is hosted in IIS. Users can also specify their primary devices from the Application Catalog. These main devices are called primary devices. where they can browse for. whether the client is enabled for software updates and other management operations. Client Settings When you first install System Center 2012 Configuration Manager. there are also user collections that contain users from Active Directory Domain Services. If there are any conflicts. and request software. Other methods of configuring the user device affinity information include importing the information from a file and automatic generation from usage data.In addition to the collections for devices. One of the ways in which users can control their software deployment experience is by using the new computer client interface. This client interface lets users manage their own software. A user can have one or more primary devices. User collections let you install software on all computers that the user logs into. Software Center. and whether users can enroll their mobile devices to be managed by Configuration Manager. the setting that has the lowest order number overrides the other settings. In addition. they are applied according to their order number. if you allow this configuration. if remote control is enabled in Configuration Manager Configure options for power management if an administrative user has enabled this A link in Software Center lets users connect to the Application Catalog. as well as perform the following: Install software Schedule software to automatically install outside working hours Configure when Configuration Manager can install software on their device Configure access settings for remote control. Software Center is automatically installed on client computers and accessed from the users’ Start menu. the Application Catalog lets users configure some preference settings and wipe their mobile devices. all clients in the hierarchy are configured by using default client settings that you can change. These client settings include configuration options such as how frequently devices communicate with the site. you can create custom client settings and then assign them to collections. users can also access the Application Catalog directly from a browser. You can create multiple custom client settings and they are applied in the order that you specify. . When you have multiple custom client settings. or you can configure user device affinity so that the software installs on only the main devices that the user uses. If you need different client settings for groups of users or devices. from the intranet. install. Users or devices that are in the collection will be configured to have the custom settings. or from the Internet.

which includes monitoring and reconciling license information from System Center Online. you can perform various client management tasks. You can configure these to be installed by a specified date and time. even though the device does not have the System Center 2012 Configuration Manager client installed. and you can configure applications to be uninstalled. Any settings that are defined in this policy can be configured by Configuration Manager. The connector lets you configure the settings in the Exchange Default ActiveSync mailbox policy. which uses Intel Active Management Technology (AMT). Because the client is not installed. or run diagnostic utilities to help troubleshoot them. Collect hardware and software inventory information. which include the following: Deploy applications. and operating systems. you can still manage them by using the Exchange Server connector. Configuration Manager uses the client software to provision and configure computers for AMT. . Configuration Manager connects directly to the AMT management controller. For example. Define client configuration settings that you want to monitor and remediate if they are out of compliance. and this connector also supports remote wipe and Exchange access rules for block and quarantine. maintenance scripts.The following diagram shows an example of how you could create and apply custom client settings. there are also two scenarios in which you can manage devices independently from the client software: out of band management. the client software is not used. but when you perform AMT management operations. you cannot deploy software to these devices. and notify you when problems are detected. or make them available for users to install when they are requested. software updates. Any mobile device that you manage by using the Exchange Server connector displays in the All Mobile Devices collection. This means that you continue to have some management control over computers that are not started or are not responding at the operating system level. and mobile devices that are connected to an Exchange Server computer. you could restart these computers. re-image them. Instead. However. Client settings Limited Management without Clients The System Center 2012 Configuration Manager client software provides full management capability for users and devices. Help protect computers from malware and security threats. When you cannot install the Configuration Manager client software on mobile devices. Client Management Tasks After you have installed Configuration Manager clients.

Confirm that the client has successfully downloaded client policy after the client is installed for the first time and that client settings are enabled or disabled as expected. Manually assign a client to a Configuration Manager site or try to find a site. initiate compliance evaluation. use the client status information that provides data about the health of the client and client activity. Configure the client cache that temporarily stores files. You can use the Configuration Manager console to monitor these operations in near realtime. Configuration Manager (Windows Control Panel) When you install the Configuration Manager client. and specify the DNS suffix for management points that publish to DNS. Configure settings for Internet-based client management. For capturing data and historical trending. such as the build number. To help ensure that you continue to manage the System Center 2012 Configuration Manager clients. and delete files in the cache if you require more disk space to install software. View configuration baselines that were deployed to the client. by using alerts and status information. This data helps identify computers that are not responding and in some cases. Unlike Software Center. Implement power management settings to manage and monitor the power consumption of computers. such as download the client policy if there was a recent change of configuration in the Configuration Manager console and you do not want to wait until the next schedule time. the management point it is communicating with. this installs the Configuration Manager client application in Control Panel. Start client actions. . and whether the client is using a PKI certificate or a self-signed certificate.Troubleshoot computers by using remote control or by using AMT operations for AMT-based computers that are not responding. according to the client settings that are configured in the Configuration Manager console. Some configuration options require local administrative permissions and most options require technical knowledge about how Configuration Manager works. You can use this application to perform the following tasks on a client: View properties about the client. and view compliance reports. you can use the integrated reporting capabilities of SQL Reporting Services. this application is designed for the help desk rather than for end users. problems can be automatically remediated. its assigned site.

First.Security Security for System Center 2012 Configuration Manager consists of several layers. only local Administrators have rights to the files and registry keys required to run the Configuration Manager console on computers where it is installed. add the other accounts to the SMS Admins group. Role-Based Administration . By default. such as firewalls and intrusion detection. Certificates issued by industry standard PKI implementations help provide authentication. and encryption. including some groups that are created during System Center 2012 Configuration Manager Setup Then. To grant other accounts permission to the Common Information Model (CIM) repository and the SMS Provider. help provide defense in depth for the whole environment. signing. By default. This group at first contains only the user who installed System Center 2012 Configuration Manager. such as the following: File sharing to transfer files between System Center 2012 Configuration Manager components Access Control Lists (ACLs) to help secure files and registry keys IPsec for securing communications Group Policy for setting security policy DCOM permissions for distributed applications. The final layer of security is based on permissions to objects in the site database. the Local System account and the user account that you used to install System Center 2012 Configuration Manager can administer all objects in the site database. You can grant and restrict permissions to additional administrative users in the Configuration Manager console by using role-based administration. The SMS Provider is restricted by default to members of the local SMS Admins group. The next layer of security is based on access through Windows Management Instrumentation (WMI). specifically the SMS Provider. System Center 2012 Configuration Manager controls access to the Configuration Manager console in several ways. additional security components. Windows provides many security features for both the operating system and the network. such as the Configuration Manager console Active Directory Domain Services to store security principals Windows account security.

System Center 2012 Configuration Manager installs some default security roles for typical management tasks. Client computers always communicate by using the most secure method that is available and only fall back to using the less secure communication method of HTTP on the intranet if you have site systems roles that allow HTTP communication. The site system roles that clients connect to can be configured for either HTTPS or HTTP client communication. Securing Client Endpoints Client communication to site system roles is secured by using either self-signed certificates. you might have to manually add computer or user accounts to these default groups and roles. For example. Before y . Privacy Although enterprise management products offer many advantages because they can effectively manage lots of clients. However. Security scopes group specific instances of objects that an administrative user is responsible to manage. This results in the client software sending information to the Configuration Manager site. Computer clients that Configuration Manager detects to be on the Internet and mobile device clients must use PKI certificates so that the client endpoints can be secured by using HTTPS. you must also be aware of how this software might affect the privacy of users in your organization. or by using public key infrastructure (PKI) certificates. Several default groups and SQL Server roles are created during Setup. some of which could raise privacy concerns. and sites. and collections define what objects an administrative user can view and manage. However. such as an application that installs Microsoft Office 2010. you can create your own security roles to support your specific business requirements. The combination of security roles. many management settings are enabled by default. some management tasks might require creating and maintaining additional accounts. Security roles are assigned to administrative users and group permissions to different Configuration Manager object types. Configuration Manager Accounts and Groups System Center 2012 Configuration Manager uses the Local System account for most site operations. Client information is stored in the Configuration Manager database and the information is not sent to Microsoft. when you install the System Center 2012 Configuration Manager client. This administration model centrally defines and manages hierarchy-wide security access settings for all sites and site settings. However. security scopes.System Center 2012 Configuration Manager uses role-based administration to help secure objects such as collections. such as the permissions to create or change client settings. System Center 2012 Configuration Manager includes many tools to collect data and monitor devices. deployments.

Sign up to vote on this title
UsefulNot useful