Microsoft® System Center Configuration

Manager 2007 SP1 with R2

Infrastructure Planning and Design Series

 What Is IPD?

Planning and design guidance that aims to clarify and

streamline the planning and design process for Microsoft ®
infrastructure technologies

IPD:
• Defines decision flow

• Describes decisions to be made

• Relates decisions and options for the business

• Frames additional questions for business understanding

Page 2 |
 Getting Started

MICROSOFT® SYSTEM CENTER

CONFIGURATION MANAGER
2007 SP1 WITH R2

Page 3 |
 Purpose and Agenda
• Purpose
To assist in the decision process to plan a successful
Microsoft System Center Configuration Manager SP1
with R2 implementation
• Agenda
Define the project scope
Determine which roles will be deployed
Determine the number of sites required
Design the sites
Determine the number of hierarchies required
Design each hierarchy

Page 4 |
 What Is Microsoft System Center
Configuration Manager 2007 SP1 with R2?
Microsoft System Center Configuration Manager
(ConfigMgr) 2007 SP1 with R2 is a configuration
management solution that:

• Contributes to a more effective IT department by enabling

secure and scalable operating system and application
deployment and desired configuration management.
• Provides comprehensive asset management of servers,
desktops, and mobile devices.

Page 5 |
 Applicable Scenarios
The guide addresses the needs of:
• Organizations with no configuration management solution that want to use
ConfigMgr.

• Organizations that presently use another configuration management

solution and are planning to move to ConfigMgr.

• Organizations with multi-forest environments where ConfigMgr will be

employed to manage systems that span Active Directory forest
boundaries.

• Organizations that have distributed environments with systems separated

by wide area network (WAN) links.

• Organizations with mobile devices, such as smartphones, that operate

beyond firewalls but must be managed centrally.

Page 6 |
 Example of ConfigMgr Architecture

Page 7 |
 ConfigMgr Design Flow

Page 8 |
 Step 1. Define Project Scope

Answer the following questions to align goals with business

motivation:

• Will project encompass entire enterprise?

• Which features will project address?

• What is the client population to be managed?

• What are the organization’s service expectations?

1 2 3 4 5 6

Page 9 |
 Step 2. Determine Which Roles Will Be
Deployed
Establishing which site roles are required and where they are
located determines site design and sizing, network sizing, and
if the ConfigMgr client will be deployed.

1 2 3 4 5 6

Page 10 |
 Step 3. Determine the Number of Sites
Required
Start with one site, and then add more as required by the following:

• Scale

• Privacy concerns

• Internet-connected clients

• Active Directory forests

• Network location

• International languages

• Organization

1 2 3 4 5 6

Page 11 |
 Step 4. Design the Sites
• Task 1: Plan the roles that are always required

• Task 2: Plan the roles that are optional

• Task 3: Plan the roles that are feature-specific

• Task 4: Determine where to place hierarchy roles

• Task 5: Determine where to place primary and secondary

sites and branch distribution points

• Task 6: Determine if native mode is required – the two

options are native mode and mixed mode

1 2 3 4 5 6

Page 12 |
 Step 4, Task 6. Option 1: Native Mode
• Benefits:

Higher level of security by integrating with a public key infrastructure (PKI)

to help protect client-to-server communication.

Enables the management of clients that are connected to the Internet, such
as laptops used by mobile workers, computers used from an employee’s
home, and smartphones.

• Challenges:

PKI infrastructure is required.

Estimated native mode site operations are 10-15 percent slower in overall
performance compared to sites configured to operate in mixed mode due to
added load of encryption and signing.

Cannot interoperate with SMS 2003.

All parent locations up to and including the central site must be in native
mode.
1 2 3 4 5 6
Page 13 |
 Step 4. Task 6. Option 2: Mixed Mode
• Benefit:
Enables integration with SMS 2003.

• Challenge:
Additional design may be required to ensure the security of
connections beyond the organization’s firewalls.

1 2 3 4 5 6

Page 14 |
 Step 4. Design the Sites - continued
• Task 7: Assign Clients to Sites

• Task 8: Design boundaries of protected distribution point systems

• Task 9: Design the site systems

• Task 10: Determine the Fault-Tolerance Approach

1 2 3 4 5 6

Page 15 |
 Step 5. Determine Number of Hierarchies
Required
Start with one hierarchy and add more, if required.

Some possible scenarios requiring additional hierarchy are:

• Size

• Central site is mixed mode and native mode is required

• Isolated networks

• Politics

• Regulatory requirements

1 2 3 4 5 6

Page 16 |
 Step 6. Design Each Hierarchy
• Task 1: Determine where to place central site

• Task 2: Plan the site hierarchy

1 2 3 4 5 6

Page 17 |
 Summary and Conclusion
The guide summarized the critical design decisions, activities,
and tasks required to enable a successful design of ConfigMgr.

It focused on decisions involving:

• Which ConfigMgr roles will be required

• The server roles, role placement, databases, and

connectivity of the ConfigMgr infrastructure

• The number of ConfigMgr hierarchies required, and how

many sites are required within each hierarchy

• Provide feedback to satfdbk@microsoft.com

Page 18 |
 Find More Information

• Download the full document and other IPD guides:

http:/www.microsoft.com/ipd

• Contact the IPD team:

satfdbk@microsoft.com

• The Microsoft Solution Accelerators Web site:

http://www.microsoft.com/technet/SolutionAccelerators

Page 19 |