All messages posted to this blog are provided "AS IS" with no warranties, and confer no rights.
Information on unreleased products are subject to change without notice.
Dates related to unreleased products are estimates and are subject to change without notice.
The content of this site are personal opinions and might not represent the Microsoft Corporation view.
The information contained in this blog represents my view on the issues discussed as of the date of publication.
You should not consider older, out-of-date posts to reflect my current thoughts and opinions.
© Copyright 2004-2012 by Jose Barreto. All rights reserved.
Follow @josebarreto on Twitter for updates on new blog posts.
There's a lot of information posted about Microsoft's efforts around Infrastructure Optimization, also known as simply IO. This is an interesting way to describe the maturity of an IT Infrastructure and also to provide clues to what would be your next logical step in improving it. Your organization can be at any of the four different maturity levels (Basic, Standardized, Rationalized or Dynamic). Microsoft has worked on three separate models (Core, Business Productivity and Application Platform).
This is all great, but most IT people find it somewhat complex to understand and even a little intimidating at first. I found that the easiest way to quickly grasp the value of these models is to look at a nice table showing the various capabilities and specific requirements at each maturity level. The table below shows that information for the Core IO Model:
Capability \ Level
Basic
Standardized
Rationalized
Dynamic
Identity and Access Management
No centralized directory service
Unified Directory Service
Policy enforced Standard Configuration
Centrally Managed Identity Services
Multiple directories
Group policy management
Automated Account Provisioning
Secure Network Access for Customers and Partners
Federated Services
Desktop, Device and Server Management
Ad-hoc Patching
Desktop Patching
Server Patching
Infratructure Capacity Model
Multiple Desktop Configurations
Standard Desktop Images
Automated OS Deployment
Mobile Device Management and Security at Parity with PC’s
No Mobile Device Management
Two Client OS
Layered Images
Dynamic Workload Shifting for Virtual Infrastructure
Standardized Desktop Applications
Virtualization
Limited Mobile Device Management
Current OS Images
Mobile Device Management with SLA
Security and Networking
No Dedicated Firewall
Standard Antivirus
Managed Firewall
Threat Management and Mitigation Across Client and Server Edge
Limited Network Infrastructure (DNS, DHCP, etc)
Centralized Firewall
Host-based Firewalls
Model-enabled Service Level Monitoring
No Standard Antivirus
Basic Networking Services
Secure Remote Access
Automated Quarantine of Non-Compliant or Infected PCs
Manual Server Monitoring
Monitoring Critical Servers
Secure Wireless
Server Monitoring with SLAs
Managed WAN
Data Protection and Recovery
Ad-hoc Backups
Backup and Recovery for Critical Servers
Backup and Recovery for All Servers with SLAs
Backup and Recovery of Clients with SLA’s
No Recovery Testing
Central Branch Office Backup
Self service data backup and administration management
ITIL/COBIT-based Management Process
No Formalized Process
Defined Support Services
Defined Problem, Change and Release Management
Business / IT Defined SLA’s
No Commitment to Service Levels
Document Incident & Problem Response Strategy
Fully documented Operations
Proactive and Agile
Ad-hoc Support, Problem and Change Management
Limited Problem, Change and Configuration Management
Defined Service Levels
Optimizing Service Delivery
Enhanced Configuration Management
Improving Service Levels, Business Continuity and Availability
Security Process
Limited Security Accountability
Accountability to Data Security
Defined Security Compliance and Automated Audit Tools
Automated Risk Assessment
No Formalized Incident Response
Limited Risk Assessment
RMS
Managed Network and Data Security Process
Limited Access Control
Password Protection of Data
Documented Threats and Vulnerabilities
Automated Security Policy Verification
Limited Tools and Policy Compliance Automation
Security Standards for SW Acquisitions
If you find the table above interesting, I invite you to further investigate the details about the models, including extensive guides on how to progress from one level to the next. I like the guides, but the best IO-related resource I have seen is a tool to assess your company's current level by just answering a few questions. With that information at hand, you can get yourself busy with specific activities that will take you to the next level. You can also look at the other two models (the table above covers only the Core IO Model).
For details and access to the guides and assessment tool, check the main IO web site at: http://www.microsoft.com/io
PingBack from http://world-of-mo.de/2007/08/16/ein-paar-infos-zum-trustedinstallerexe/