Windows Azure Architecture Guide
February 15, 2017 | Author: Gustavo Rivera | Category: N/A
Architecture Guide
Windows Azure
October 2012 Version 3.0
Disclaimer This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. Some examples are for illustration only and are fictitious. No real association is intended or inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. © 2012 Microsoft Corporation. All rights reserved. Microsoft, the Microsoft logo, the Windows logo, Active Directory, ActiveSync, AppFabric, Bing, BizTalk, Excel, Hyper-V, InfoPath, Internet Explorer, Office 365, Outlook, PerformancePoint, PowerPoint, SharePoint, SQL Azure, SQL Server, Visio, Visual Studio, Windows, Windows Azure, Windows Intune, Windows Mobile, Windows PowerShell, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.
Contents
Overview
    Scope of This Guide
    Who Should Read This Guide
    How to Use This Guide
    Section Summaries
Customizing Your Solution
    Why Customize?
    The Customization Process
        Understand Your Priorities
        Choose a Starting Point
        Adjust the Optimization Mapping
        Adjust the Logical Architecture
        Design the Physical Architecture and Plan
Phase 1
    Envision the Solution
        Definition
        Optimization Mapping
        Technology Mapping
    Architect the Solution
        Logical Architecture
        Illustrative Physical Architecture
        System Components
    Plan Development and Deployment of the Solution
Phase 2
    Envision the Solution
        Definition
        Optimization Mapping
        Technology Mapping
    Architect the Solution
        Logical Architecture
        Illustrative Physical Architecture
        System Components
    Plan Development and Deployment of the Solution
Phase 3
    Envision the Solution
        Definition
        Optimization Mapping
        Technology Mapping
    Architect the Solution
        Logical Architecture
        Illustrative Physical Architecture
        System Components
    Plan Development and Deployment of the Solution
Architecture Guide
Page 3 of 123
Overview
This section explains this document’s scope, the intended audience, how the audience should use this document, and a summary of the key sections.
Scope of This Guide
This document helps the audience design a logical architecture for an enterprise platform that is based on Microsoft® technologies and that optimizes Windows® Azure™. It also contains references to other documents that describe how to design a physical architecture and how to plan for developing and deploying the designed platform. The audience should use the information in this document in the context of business needs and integrated capability requirements that the Microsoft Optimization solution area for Windows Azure discusses. This solution area helps structure conversations with IT directors and executives to better understand their business drivers and priorities, discuss potential business capabilities, and design and deploy a robust enterprise platform that supports the solution.
Who Should Read This Guide
This document is for solution implementation team members who specify and plan an enterprise platform that optimizes Windows Azure. Solution implementation team members typically include business analysts, solution architects, platform architects, infrastructure architects, IT infrastructure managers, and IT operations managers.
How to Use This Guide
This document provides useful information about an integrated capability analysis, which is a structured process for validating the requirements, specifying the design, and planning to develop and deploy an enterprise architecture.
Section Summaries
This document has four major sections:
• Customizing Your Solution: This section provides an approach to use the remaining sections of this document and other Optimization solution area materials to validate requirements, specify the design, and plan to develop and deploy an enterprise architecture that meets your specific needs.
• Phase 1: This section provides the definition; Optimization mapping; technology mapping; logical architecture; illustrative physical architecture; system components; and references to plan, develop, and deploy Phase 1.
• Phase 2: This section provides the definition; Optimization mapping; technology mapping; logical architecture; illustrative physical architecture; system components; and references to plan, develop, and deploy Phase 2.
• Phase 3: This section provides the definition; Optimization mapping; technology mapping; logical architecture; illustrative physical architecture; system components; and references to plan, develop, and deploy Phase 3.
Customizing Your Solution
This section provides an approach to use this document and other Optimization solution area materials to validate requirements, specify the design, and plan to develop and deploy an enterprise architecture that optimizes Windows Azure.
Why Customize?
This document and the other Optimization solution area materials define three illustrative solution phases that increase in complexity and potential business value: Phase 1, Phase 2, and Phase 3. Each solution phase specifies business capabilities that map to the Optimization maturity models, architecture diagrams, and technologies. The definitions of these three illustrative solutions are quite robust, so it is likely that no solution exactly matches your particular needs because your business has:
• Specific priorities of business drivers
• Specific priorities of business capabilities
• Existing architecture and initiatives in your environment
The Customization Process
You should use the solution phases as starting points in the following steps, which ensures a resulting platform that is robust, agile, and manageable:
1. Understand your priorities.
2. Choose a starting point.
3. Adjust the Optimization mapping.
4. Adjust the logical architecture.
5. Design the physical architecture and plan.
Understand Your Priorities
The first step is to clearly understand, document, and baseline your priorities. You can use the Business Priorities Guide for a solution area to discuss, capture, and baseline the relevance and priority of specific business drivers and potential business capabilities. Figure 1 illustrates an example where:
• The business driver, “Create high-impact sales proposals,” is the first priority.
• Red text emphasizes the compelling business capabilities that address the organization’s specific needs.
Figure 1 Example business priorities
Choose a Starting Point
Based on your priorities, Phase 2 is the starting point for this example because it is the least advanced solution that covers the first priority business capability.
Adjust the Optimization Mapping
Review and adjust the Optimization mapping that corresponds to the starting-point solution. You can remove capabilities that you do not need and change the maturity levels for the capabilities. Figure 2 illustrates this process for the specific business capability priorities. In this figure:
Capability is needed
Capability is not needed
? Capability may not be relevant
* Capability that Phase 2 defines may not match the specific requirement for the customized solution
Figure 2 Adjusting your solution’s Optimization mapping
Tips for adjusting your solution’s Optimization mapping:
For capabilities that may not match the specific requirement for your customized solution (that is, capabilities that are marked with an asterisk [*]):
• Refer to the Optimization model definitions.
• Consider using an alternate maturity level that corresponds to your requirements, as Figure 3 shows.
• Remove items in a capability that you do not need.
Figure 3 Using an alternate maturity level
For capabilities that may not be relevant (that is, capabilities that are marked with a question mark [?]):
• Identify, document, and discuss how a capability might be relevant.
• Identify the Core capabilities that may not be critically relevant, as Figure 4 shows.
Figure 4 Identifying a Core capability that is not critically relevant
Server Security helps protect and secure the server infrastructure at the data center from viruses, spam, malware, and other intrusions.
Adjust the Logical Architecture
After you identify a stable set of business capabilities and corresponding required Optimization capability maturity levels, you can adjust the technology mapping, logical architecture, and system components of the starting-point solution phase to remove what you do not need.
Design the Physical Architecture and Plan
From the system components list that you adjusted, you can refer to the corresponding lists to design a specific physical architecture that meets your needs and environment and to plan how to develop and deploy your customized platform.
Phase 1
This section provides the definition; Optimization mapping; technology mapping; logical architecture; illustrative physical architecture; system components; and references to plan, develop, and deploy Phase 1.
Envision the Solution
This section provides the definition of Phase 1 and other useful information, such as starting points, to help you envision your solution’s definition, Optimization mapping, and technology mapping.
Definition
Phase 1 is a robust, enterprise-class deployment that addresses the following goals:
• Addresses the most typical compelling business priorities.
• Gets you using the new platform with high visibility, leading to positive return on investment.
The conceptual architecture diagram in Figure 5 represents the collective set of business capabilities that Phase 1 includes.
Figure 5 Conceptual architecture diagram for Phase 1
This section describes the integrated capabilities of the Phase 1 solution. Organizations can use this section to better understand which integrated capabilities they need to customize for the solution to meet specific business needs. Organizations that require a Phase 1 solution for Windows Azure need to manage their IT infrastructure efficiently with minimal administrative overhead and focus on value-added services by expanding their existing portfolio of applications and services. Organizations need to have highly available, scalable, multitenant data services in the cloud to meet changing business needs on demand. Organizations can help deliver on-demand computing and storage capabilities while ensuring a familiar and consistent application development model. Organizations can better work with increasing amounts of data from multiple locations and devices by linking existing on-premises data stores to cloud-based storage services without compromising performance and achieving defined service-level agreements. Organizations can provide more secure access to applications that are exposed over Internet, firewall, domain, and network boundaries by building federated authorization into applications.
Optimization Mapping
Figure 6 shows the Optimization mapping for Phase 1.
Figure 6 Optimization mapping for Phase 1
Technology Mapping
Phase 1 requires the following Microsoft technologies:
Client Technologies
Microsoft Office 2007 / 2010
Microsoft Office Outlook® 2007 / Microsoft Outlook 2010, Microsoft Office Word 2007 / Microsoft Word 2010, Microsoft Office Excel® 2007 / Microsoft Excel 2010, Microsoft Office PowerPoint® 2007 / Microsoft PowerPoint 2010
Microsoft Office Visio® 2007 / Microsoft Visio 2010
Microsoft Office Project 2007 / Microsoft Project 2010
Microsoft Forefront® Endpoint Protection 2010 / Microsoft System Center 2012 Endpoint Protection
Windows® 7 / 8
Server Technologies
Microsoft SQL Server® 2008 R2 / 2012
Microsoft Server Security
Microsoft Internet Security and Acceleration Server 2006 / Microsoft Forefront Threat Management Gateway 2010
Microsoft Intelligent Application Gateway 2007 / Microsoft Forefront Unified Access Gateway 2010
Microsoft Forefront Identity Manager 2010 / 2010 R2
Microsoft Windows Server® 2008 R2 / 2012
Microsoft System Center
Microsoft System Center Operations Manager 2007 R2 / Microsoft System Center 2012 Operations Manager
Microsoft System Center Data Protection Manager 2010 / Microsoft System Center 2012 Data Protection Manager
Microsoft System Center Configuration Manager 2007 R3 / Microsoft System Center 2012 Configuration Manager
Microsoft System Center Virtual Machine Manager 2008 R2 / Microsoft System Center 2012 Virtual Machine Manager
Microsoft System Center Service Manager 2010 / Microsoft System Center 2012 Service Manager
Opalis / Microsoft System Center 2012 Orchestrator
Microsoft Windows Storage Server 2008 / 2008 R2
Windows Server AppFabric®
Microsoft Hyper-V® Server 2008 / 2008 R2
Microsoft BizTalk® Server 2009 / 2010
Cloud Technologies
Microsoft Business Productivity Online Services / Microsoft Office 365
Microsoft SharePoint® Online
Windows Azure™ platform
Windows Azure
Windows Azure AppFabric
Microsoft SQL Azure
Microsoft Online Backup Service
Development Tools
Microsoft .NET Framework
Microsoft Visual Studio® 2010 Team Foundation Server / Microsoft Visual Studio 11 Team Foundation Server
Microsoft Visual Studio Team System 2008 / 2010 / 11
Windows Communications Foundation (WCF) Services
Tools
Microsoft Assessment and Planning Toolkit 6.0 / 6.5
Microsoft Security Assessment Tool
Microsoft Software Inventory Analyzer 5.0 / 5.1
Microsoft Deployment Toolkit 2010 / 2012
Windows Automated Installation Kit
Microsoft Security Compliance Management Toolkit
Compliance Management Libraries 2.0
Data Classification Toolkit
IT Governance, Risk and Compliance process management pack 2.0
BizTalk ESB Toolkit
Architect the Solution
This section provides the logical architecture, illustrative physical architecture, and list of required system components for Phase 1, which are useful starting points to help you design your solution.
Logical Architecture
Figure 7 is the logical architecture diagram that shows the infrastructure for Phase 1 and its functionalities. This diagram provides a high-level overview of the requirements to implement Phase 1. This diagram is a starting point; you should customize it to meet the specific needs of your organization.
Figure 7 Logical architecture diagram of Phase 1
Illustrative Physical Architecture
Figure 8 is an illustrative physical architecture diagram for Phase 1. A physical architecture diagram shifts from describing technologies as capabilities and roles to describing physical systems. As with all sample diagrams, you should customize this diagram to meet the specific needs of your organization. For more information about customizing this diagram (including the required software product editions), see Plan Development and Deployment of the Solution in Phase 1.
Figure 8 Physical architecture for Phase 1
System Components
This section lists the system components that Phase 1 requires. The system components consist of product components that are grouped by product families. Table 1 lists the product components that each solution capability in Phase 1 needs. You can use this table to better understand which product components you need to meet the specific solution capability requirements for your customized solution. The legend for the table is as follows:
X  Product must be included to enable the solution capability.
*  Product is recommended to better enable the solution capability.
Table 1 System components for Phase 1
Solution capabilities (table columns):
• Highly available, scalable, multitenant storage service in the cloud
• Relational data model in the cloud that provides connectivity with existing on-premises storage
• Creation, prototyping, and deployment of applications that integrate data across the organization
• Self-managing capability to provision data services with built-in fault tolerance
• Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries
• Enabling services to navigate firewalls or network boundaries
Product families and product components (table rows):
CLIENT TECHNOLOGIES
• Office 2007 / 2010
• Office Outlook 2007 / Outlook 2010, Office Word 2007 / Word 2010, Office Excel 2007 / Excel 2010, Office PowerPoint 2007 / PowerPoint 2010
• Office Visio 2007 / Visio 2010
• Office Project 2007 / Project 2010
• Forefront Endpoint Protection 2010 / System Center 2012 Endpoint Protection
• Windows 7
• Windows 8
• Offline Files
• DirectAccess
SERVER TECHNOLOGIES
• Office SharePoint Server 2007 / SharePoint Server 2010*
• Sites and Portals
• Single Sign-On Service / Secure Store Service*
• SQL Server 2008 R2 / 2012
• Database Engine
• Server Security
• Forefront Security for SharePoint / Forefront Protection 2010 for SharePoint
• Internet Security and Acceleration Server 2006 / Forefront Threat Management Gateway 2010
• Firewall
• Intelligent Application Gateway 2007 / Forefront Unified Access Gateway 2010
• Forefront Identity Manager 2010 / 2010 R2
• Windows Server 2008 R2 / 2012*
• Active Directory® Domain Services
• Active Directory Federation Services
• Active Directory Certificate Services
• Active Directory Lightweight Directory Services
• Network Policy and Access Services
• Group Policy
• Internet Information Services (IIS) 7/8
• Hyper-V
• Windows Deployment Services
• Windows Firewall with Advanced Security
• DirectAccess
• Storage Spaces*
• System Center
• System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager
• System Center Data Protection Manager 2010 / System Center 2012 Data Protection Manager
• System Center Configuration Manager 2007 R3 / System Center 2012 Configuration Manager
• System Center Virtual Machine Manager 2008 R2 / System Center 2012 Virtual Machine Manager
• System Center Virtual Machine Manager Self Service Portal 2.0
• System Center Service Manager 2010 / System Center 2012 Service Manager
• Opalis / System Center 2012 Orchestrator
• System Center 2012 App Controller
• Windows Storage Server 2008 / 2008 R2
• Windows Server AppFabric
• Hyper-V Server 2008 / 2008 R2
• BizTalk Server 2009 / 2010
CLOUD TECHNOLOGIES
• BPOS / Office 365*
• SharePoint Online
• Windows Azure platform
• Windows Azure
• Windows Azure AppFabric
• Active Directory Access Control
• SQL Azure
• Online Backup Service
DEVELOPMENT TOOLS
• .NET Framework
• Visual Studio 2010 Team Foundation Server / Visual Studio 11 Team Foundation Server
• Visual Studio Team System 2008 / 2010 / 11
• Windows Communications Foundation (WCF) Services
TOOLS, ADD-INS, LIBRARIES, AND FRAMEWORKS
• Assessment and Planning Toolkit 6.0 / 6.5
• Security Assessment Tool
• Software Inventory Analyzer 5.0 / 5.1
• Deployment Toolkit 2010 / 2012
• Windows Automated Installation Kit
• Security Compliance Management Toolkit
• Security Compliance Manager 2.x
• Compliance Management Libraries 2.0
• Windows SDK
• Data Classification Toolkit
• IT Governance, Risk and Compliance Process Management Pack 2.0
• BizTalk ESB Toolkit
Plan Development and Deployment of the Solution
This section provides references to help you plan to develop and deploy the server product components that are relevant to Phase 1.
SERVER TECHNOLOGIES
This section contains links to the server technologies that Table 1 references.
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 can help people scale database operations with confidence; improve IT and developer efficiency; and enable highly scalable, well-managed, and self-service business intelligence.
General
Home Page: http://www.microsoft.com/sqlserver/2008/en/us/R2.aspx
Get Started: http://technet.microsoft.com/en-us/library/bb500434.aspx
Plan a SQL Server Installation: http://technet.microsoft.com/en-us/library/bb500442.aspx
Technical Articles: http://technet.microsoft.com/en-us/library/bb418445(SQL.10).aspx
Database Engine
The Database Engine is the core service for storing, processing, and securing data. It provides controlled access and rapid transaction processing to meet the requirements of the most demanding data-consuming applications within the enterprise. People can use the Database Engine to create relational databases for online transaction processing or online analytical processing data. They also can create tables for storing data, and database objects such as indexes, views, and stored procedures for viewing, managing, and securing data.
General
Get Started: http://technet.microsoft.com/hi-in/library/bb510421(en-us,SQL.105).aspx
Planning and Architecture: http://technet.microsoft.com/hi-in/library/cc280361(en-us,SQL.105).aspx
Development: http://technet.microsoft.com/hi-in/library/bb500155(en-us,SQL.105).aspx
Deployment: http://technet.microsoft.com/hi-in/library/bb522543(en-us,SQL.105).aspx
Operations: http://technet.microsoft.com/hi-in/library/bb522460(en-us,SQL.105).aspx
System Components Integration
This section describes the integration points of SQL Server 2008 R2 with other system components.
Usage Scenarios
This section describes the usage scenarios as supported by SQL Server 2008 R2 in integration with other system components.
Highly available, scalable, multitenant storage service in the cloud
Interoperability with SQL Azure
Microsoft SQL Azure Database is a cloud-based, relational database service built on SQL Server technologies. It provides a highly available, scalable, multitenant database service hosted by Microsoft in the cloud. SQL Azure Database helps organizations provision and deploy multiple databases, and helps developers avoid installing, setting up, patching, or managing any software. It features high availability and fault tolerance, requires no physical administration, and supports Transact-SQL (T-SQL). Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Relational data model in the cloud that provides connectivity with existing on-premises storage
Interoperability with SQL Azure
SQL Azure provides a familiar environment for database programmers. The objects that are created in SQL Azure Database are the same as those in an SQL Server database. Both SQL Server and SQL Azure Database use the Transact-SQL language for database creation and data manipulation. Database developers and administrators can quickly become productive in SQL Azure by using their existing expertise. Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Creation, prototyping, and deployment of applications that integrate data across the organization
Interoperability with Visual Studio Team System 2008
Visual Studio offers database design and development tools in an integrated development environment, helping developers to visually design data relationships, filter SQL statements, edit SQL code, and run database queries in the development environment itself.
Associated System Components
This section describes the dependencies and recommendations for SQL Server 2008 R2 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with Office BizTalk Server 2009
BizTalk Server is dependent on SQL Server 2008 R2 for the messaging tracking database as well as other databases. The most sensitive information (such as credential information containing details of database connection strings, user names, and passwords related to the BizTalk adapters) is stored in an encrypted format in the single sign-on (SSO) database.
Interoperability with Core and Management Services
SQL Server 2008 R2 uses the following technologies and services:
• Windows Server 2008 R2
Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
Active Directory Domain Services can help administrators manage user identities and relationships.
The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
Internet Information Services (IIS) 7.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
Windows Deployment Services can help administrators remotely deploy Windows operating systems.
Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
• Internet Security and Acceleration Server 2006 protects the IT environment from Internet-based threats and provides users with fast and secure remote access to applications and data.
• Intelligent Application Gateway 2007 provides a secure-socket-layer virtual private network, a web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of applications.
• Windows Storage Server 2008 enables high-availability scenarios by providing backup and replication of stored data.
• Microsoft Hyper-V Server 2008 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
• System Center family helps organizations by providing IT with self-managing and monitoring of dynamic systems. System Center family provides:
A comprehensive view of the health of the IT environment.
Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies.
A secure and scalable operating system, application deployment, and configuration management.
Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines.
A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements.
Automated incident response, change and compliance, and service life-cycle management processes.
Microsoft SQL Server 2012
Microsoft SQL Server 2012 is a cloud-ready information platform that helps organizations to protect, scale, and unlock the power of their data. With SQL Server 2012, IT can provide organizations with performance and availability for business-critical solutions, the potential for breakthrough insight through rapid data exploration, and the ability to visualize data across the organization. Finally, SQL Server 2012 helps IT build solutions that extend across premises and the cloud.
General
Home Page
http://www.microsoft.com/sqlserver/en/us/default.aspx
Overview / Capabilities
http://www.microsoft.com/sqlserver/en/us/productinfo/overview-capabilities.aspx
Upgrade to SQL Server 2012
http://technet.microsoft.com/en-us/library/bb677622.aspx
Installation for SQL Server 2012
http://technet.microsoft.com/en-us/library/bb500469.aspx
Technical Articles
http://technet.microsoft.com/en-us/library/bb418445(v=sql.10).aspx
Database Engine
The Database Engine is the core service for storing, processing, and securing data. The Database Engine provides controlled access and rapid transaction processing to meet the requirements of the most demanding data consuming applications within the enterprise. Use the Database Engine to create relational databases for online transaction processing or online analytical processing data. This capability includes creating tables for storing data and developing database objects such as indexes, views, and stored procedures for viewing, managing, and securing data.
General
Get Started
http://technet.microsoft.com/en-us/library/ms187875(v=sql.110).aspx
What's New (Database Engine)
http://technet.microsoft.com/en-us/library/bb510411.aspx
SQL Server Database Engine Backward Compatibility
http://technet.microsoft.com/en-us/library/ms143532.aspx
Database Engine Features and Tasks
http://technet.microsoft.com/en-us/library/bb500155.aspx
General Technical Reference (Database Engine)
http://technet.microsoft.com/en-us/library/bb500275.aspx
System Components Integration
This section describes the integration points of SQL Server 2012 with other system components.
Usage Scenarios
This section describes the usage scenarios as supported by SQL Server 2012 in integration with other system components.
Highly available, scalable, multitenant storage service in the cloud
Interoperability with SQL Azure
Microsoft SQL Azure Database is a cloud-based, relational database service built on SQL Server technologies. It provides a highly available, scalable, multi-tenant database service hosted by Microsoft in the cloud. SQL Azure Database helps organizations provision and deploy multiple databases, and helps developers avoid installing, setting up, patching, or managing any software. It features high availability and fault tolerance, requires no physical administration, and supports Transact-SQL (T-SQL). Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Relational data model in the cloud that provides connectivity with existing on-premises storage
Interoperability with SQL Azure
SQL Azure provides a familiar environment for database programmers. The objects that are created in SQL Azure Database are the same as those in an SQL Server database. Both SQL Server and SQL Azure Database use the Transact-SQL language for database creation and data manipulation. Database developers and administrators can quickly become productive in SQL Azure by using their existing expertise. Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Creation, prototyping, and deployment of applications that integrate data across the organization
Interoperability with Visual Studio Team System 2010/Visual Studio 11
Visual Studio offers database design and development tools in an integrated development environment, helping developers to visually design data relationships, filter SQL statements, edit SQL code, and run database queries in the development environment itself.
Associated System Components
This section describes the dependencies and recommendations for SQL Server 2012 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with Office BizTalk Server 2010
BizTalk Server is dependent on SQL Server 2012 for the messaging tracking database as well as other databases. The most sensitive information, such as credential information containing details of database connection strings, user names, and passwords related to the BizTalk adapters, is stored in an encrypted format in the SSO database.
Interoperability with Core and Management Services
SQL Server 2012 uses the following technologies and services:
• Windows Server 2012
Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
Active Directory Domain Services can help administrators manage user identities and relationships.
The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
Internet Information Services (IIS) 8.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
Windows Deployment Services can help administrators remotely deploy Windows operating systems.
Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
Storage Spaces enables virtualized storage capabilities by grouping industry-standard disks into storage pools, and then creating virtual disks called storage spaces from the available capacity in the storage pools.
• Forefront Threat Management Gateway 2010 protects the IT environment from Internet-based threats and provides users with fast and secure remote access to applications and data.
• Forefront Unified Access Gateway 2010 provides a secure-socket-layer virtual private network, a web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of applications.
• Windows Storage Server 2008 R2 enables high-availability scenarios by providing backup and replication of stored data.
• Microsoft Hyper-V Server 2008 R2 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
• System Center family helps organizations by providing IT with self-managing and monitoring of dynamic systems. System Center family provides:
A comprehensive view of the health of the IT environment.
Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies.
A secure and scalable operating system, application deployment, and configuration management.
Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines.
A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements.
Automated incident response, change and compliance, and service life-cycle management processes.
Microsoft Server Security
Microsoft Server Security is a set of comprehensive line-of-business security products that provide greater protection and control through integration with existing IT infrastructures and through simplified deployment, management, and analysis.
General
Microsoft Forefront—Home Page
http://www.microsoft.com/forefront/serversecurity/en/us/default.aspx
Internet Security and Acceleration Server 2006
Microsoft Internet Security and Acceleration Server 2006 is the integrated security gateway that helps protect IT environments from Internet-based threats, while providing faster and more secure remote access to applications and data.
General
Get Started
http://technet.microsoft.com/hi-in/library/bb898432(en-us).aspx
Technical Reference
http://technet.microsoft.com/hi-in/library/bb898443(en-us,TechNet.10).aspx
Planning and Architecture
http://www.microsoft.com/technet/isa/2006/planningarchitecture/default.mspx
Development
http://www.microsoft.com/technet/isa/2006/development/default.mspx
Deployment
http://www.microsoft.com/technet/isa/2006/deployment/default.mspx
Operations
http://www.microsoft.com/technet/isa/2006/operations/default.mspx
Microsoft Internet Security and Acceleration Server 2006 SDK
http://msdn.microsoft.com/en-us/library/ms828058.aspx
Firewall Service
The firewall service in Internet Security and Acceleration Server 2006 runs in user mode at the top of the TCP/IP protocol stack, and employs a hybrid architecture that combines elements of both proxy and stateful inspection firewall behavior. The firewall service performs an additional packet inspection after receiving clearance from the firewall engine. The firewall service can manage traffic across multiple connections and perform associated processing (for example, application filtering).
General
Internet Security and Acceleration Server 2006 Firewall Core
http://download.microsoft.com/download/e/7/6/e76fdda3-5c2c-4fbb-9c6f-3bcd0ed4b8ef/firewall_corewp.doc
Forefront Threat Management Gateway 2010
Forefront Threat Management Gateway 2010 helps organizations safely and productively use the Internet for business without worrying about malicious software and other threats. It provides multiple layers of continuously updated protection that is integrated into a unified, easy-to-manage gateway, and reduces the cost and complexity of web security.
General
Home Page
http://www.microsoft.com/forefront/threat-management-gateway/en/us/overview.aspx
What’s New
http://technet.microsoft.com/hi-in/library/ee207139(en-us).aspx
Planning and Design
http://technet.microsoft.com/library/cc441674.aspx
Deployment
http://technet.microsoft.com/library/cc441445.aspx
Operations
http://technet.microsoft.com/library/cc441590.aspx
Technical Reference
http://technet.microsoft.com/hi-in/library/cc441714(en-us).aspx
Development Guide
http://technet.microsoft.com/hi-in/library/cc533499(en-us).aspx
Firewall Protection
Forefront Threat Management Gateway 2010 provides access control and protection on three layers: packet filtering, stateful inspection, and application layer filtering. It also provides deep content filtering through built-in application filters and delivers customizable, granular controls to HTTP traffic.
General
Overview
http://technet.microsoft.com/en-us/library/cc995253.aspx
Microsoft Intelligent Application Gateway 2007
Microsoft Intelligent Application Gateway 2007 with Application Optimizers provides a secure-socket-layer VPN, a web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of line-of-business applications. Together, these technologies provide mobile and remote workers with easy, flexible, and more secure access from a broad range of devices and locations, including kiosks, PCs, and mobile devices.
General
Overview
http://technet.microsoft.com/en-us/library/cc303240.aspx
Planning and Architecture
http://technet.microsoft.com/en-us/library/dd278044.aspx
Deployment
http://technet.microsoft.com/en-us/library/dd278109.aspx
Operations
http://technet.microsoft.com/en-us/library/dd278091.aspx
Intelligent Application Gateway 2007 Technical Reference
http://technet.microsoft.com/en-us/library/cc303257(TechNet.10).aspx
Microsoft Forefront Unified Access Gateway 2010
Forefront Unified Access Gateway provides remote access to applications, networks, and internal resources from diverse client endpoints through a single point of entry. It is an easy and secure remote access solution that helps provide application intelligence and granular access controls.
General
Home Page
http://www.microsoft.com/forefront/unified-access-gateway/en/us/
Get Started
http://technet.microsoft.com/hi-in/library/dd857281(en-us).aspx
Planning and Design
http://technet.microsoft.com/hi-in/library/dd857293(en-us).aspx
Deployment
http://technet.microsoft.com/hi-in/library/dd857358(en-us).aspx
Operations
http://technet.microsoft.com/hi-in/library/dd857237(en-us).aspx
Technical Reference
http://technet.microsoft.com/hi-in/library/dd857316(en-us).aspx
Microsoft Forefront Identity Manager 2010
Microsoft Forefront Identity Manager 2010 provides powerful self-service capabilities and improved tools for IT professionals to solve daily tasks such as delegating administration and creating workflows for common identity management tasks. Forefront Identity Manager 2010 is built on a foundation based on Microsoft .NET and web services so developers can build customized and extensible solutions.
General
Home Page
http://technet.microsoft.com/en-us/forefront/cc470030
Get Started Here
http://technet.microsoft.com/hi-in/library/ff602041(en-us,WS.10).aspx
Microsoft Forefront Identity Manager 2010 R2
Microsoft Forefront Identity Manager 2010 R2 provides an integrated and comprehensive solution for managing the entire life cycle of user identities and their associated credentials. It offers organizations self-service identity management for users, automated life cycle management across heterogeneous platforms, and a rich policy framework for enforcing security policies and detailed audits. It provides identity synchronization, user provisioning, certificate and password management, and policy management in a single solution that works across heterogeneous systems. Developers can use web service APIs to create custom clients and to provide extensible activities and workflow schemas.
General
Home Page
http://www.microsoft.com/en-us/server-cloud/forefront/identity-manager.aspx
Technical Overview
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/SIM332
Deployment
http://technet.microsoft.com/en-us/library/jj134310%28v=ws.10%29.aspx
Development
http://msdn.microsoft.com/en-us/library/windows/desktop/jj131731%28v=vs.100%29.aspx
Windows Server 2008 R2
Windows Server 2008 R2 offers virtualization tools, web resources, management enhancements, and Windows 7 integration, helping to save time, reduce costs, and provide a platform for a dynamic and efficiently managed data center. Powerful tools, including Internet Information Services 7, updated Server Manager and Hyper-V platforms, and Microsoft Windows PowerShell 2.0, work together to give organizations greater control, increased efficiency, and the ability to react to frontline organizational needs faster than ever before.
General
Home Page
http://technet.microsoft.com/en-us/windowsserver/bb310558.aspx
Deployment
http://technet.microsoft.com/hi-in/library/ee344846(en-us,WS.10).aspx
Changes in Functionality from Windows Server 2008 to Windows Server 2008 R2
http://technet.microsoft.com/en-au/library/dd391932(WS.10).aspx
Active Directory Domain Services
Active Directory Domain Services is the central location for configuration information, authentication requests, and information about all objects stored within the forest structure. With Active Directory Domain Services, organizations can efficiently manage users, computers, groups, printers, applications, and other directory-enabled objects from one highly secure, central location.
General
Home Page
http://technet.microsoft.com/library/cc770946(WS.10).aspx
Features in Active Directory Domain Services
http://technet.microsoft.com/hi-in/library/dd378796(en-us,WS.10).aspx
Active Directory Domain Services Operations Guide
http://technet.microsoft.com/en-us/library/cc816807(WS.10).aspx
Active Directory Lightweight Directory Services
Active Directory Lightweight Directory Services provides directory services for directory-enabled applications, without requiring or relying on Active Directory domains or forests. Organizations can run Active Directory Lightweight Directory Services on member servers or stand-alone servers. They also can run multiple instances of Active Directory Lightweight Directory Services—each with its own independently managed schema—on one server.
General
Home Page
http://technet.microsoft.com/library/cc731868(WS.10).aspx
Overview
http://technet.microsoft.com/en-us/library/cc732019.aspx
Network Policy and Access Services
Network Policy and Access Services in Windows Server 2008 R2 delivers a variety of methods to help provide more secure local and remote network connectivity, connect network segments, and enable network administrators to centrally manage network access and client health policies. With Network Access Services, organizations can more securely deploy virtual private network (VPN) servers, dial-up servers, routers, and 802.1X-protected wireless access. They also can deploy RADIUS servers and proxies and use the Connection Manager Administration Kit to create remote access profiles that allow client computers to safely connect to the network.
General
Introduction
http://technet.microsoft.com/library/cc754521(WS.10).aspx
Network Policy and Access Services overview for Windows Server 2008 R2
http://technet.microsoft.com/en-us/library/cc731321.aspx
Network Policy Server (NPS)
http://technet.microsoft.com/en-us/library/cc732912.aspx
Group Policy
Group Policy helps organizations manage configurations for groups of computers and users, including options for registry-based policy settings, security settings, software deployment, scripts, folder redirection, Remote Installation Services, and maintenance of Microsoft Internet Explorer. By using Group Policy, organizations can significantly reduce the total cost of ownership (TCO). Because of factors such as the large number of policy settings available, the interaction between multiple policies, and inheritance options, Group Policy design can be complex. By carefully planning, designing, and testing a solution based on business requirements, organizations can provide the necessary standardized functionality, security, and management control.
General
Home Page
http://technet.microsoft.com/library/cc726027(WS.10).aspx
What’s New in Group Policy
http://technet.microsoft.com/en-us/library/dd367853(WS.10).aspx
Windows PowerShell cmdlets for Group Policy
http://technet.microsoft.com/en-us/library/dd367856(WS.10).aspx
Internet Information Services 7.0
Microsoft Internet Information Services 7.0 is a powerful web application and services platform that delivers rich, web-based experiences. Internet Information Services 7.0 offers improved administrative and diagnostic tools to help lower infrastructure costs on a variety of popular development platforms. With improved reliability and scalability, IT professionals and developers can manage the most demanding web service environments, from a single web server to a large web farm.
General
Internet Information Services 7.0
http://technet.microsoft.com/en-us/library/cc732050(WS.10).aspx
Internet Information Services 7.0 Development
http://msdn.microsoft.com/en-us/library/ms692515(VS.90).aspx
Hyper-V
With Microsoft Hyper-V, organizations can more easily take advantage of the cost savings of virtualization through Windows Server 2008 R2. Organizations can optimize server hardware investments by consolidating multiple server roles as separate virtual machines running on a single physical machine, efficiently run multiple different operating systems in parallel on a single server, and fully use the power of Microsoft x64 computing technologies.
General
Home Page
http://technet.microsoft.com/en-us/windowsserver/dd448604.aspx
Hyper-V Features
http://technet.microsoft.com/en-us/library/cc753637(WS.10).aspx
Getting Started
http://technet.microsoft.com/en-us/library/ee344828(WS.10).aspx
Hyper-V Planning
http://technet.microsoft.com/en-us/library/ee344841(WS.10).aspx
Hyper-V Installation
http://technet.microsoft.com/en-us/library/ee344837(WS.10).aspx
Hyper-V Configuration
http://technet.microsoft.com/en-us/library/ee344820(WS.10).aspx
Windows Deployment Services
Windows Deployment Services, the updated and redesigned version of Remote Installation Services, is a suite of components that work together in Windows Server 2008 R2 to enable the deployment of Windows operating systems, particularly Windows Vista. With Windows Deployment Services, organizations can deploy Windows operating systems over the network instead of installing each operating system directly from a CD or DVD. They also can use Windows Deployment Services to repurpose existing computers.
General
Overview
http://technet.microsoft.com/hi-in/library/cc772106(en-us,WS.10).aspx
Windows Deployment Services for Windows Server 2008 R2
http://technet.microsoft.com/en-us/library/dd348502(WS.10).aspx
Getting Started Guide
http://technet.microsoft.com/en-us/library/cc771670(WS.10).aspx
Deployment Guide
http://technet.microsoft.com/hi-in/library/cc770667(en-us,WS.10).aspx
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security is a host-based firewall that blocks incoming and outgoing connections based on its configuration. While typical end-user configuration of Windows Firewall occurs through the Windows Firewall Control Panel tool, advanced configuration now occurs in Windows Firewall with Advanced Security, a Microsoft Management Control snap-in.
General
Firewall with Advanced Security and IPSec
http://technet.microsoft.com/en-us/library/cc732283(WS.10).aspx
Introduction to Windows Firewall with Advanced Security
http://technet.microsoft.com/en-us/library/cc730955(WS.10).aspx
Windows Firewall with Advanced Security Design Guide
http://technet.microsoft.com/en-us/library/cc732024(WS.10).aspx
Windows Firewall with Advanced Security Deployment Guide
http://technet.microsoft.com/en-us/library/cc972925(WS.10).aspx
Windows Server 2012
Windows Server 2012 is designed to help IT pros enact cloud optimization while satisfying business needs more quickly and efficiently. Windows Server 2012 provides a highly available and easy-to-manage multiserver platform that offers flexible storage, continuous availability, and management efficiency. With Windows Server 2012, Microsoft delivers a server platform based on the experience of building and operating many of the world's most complex cloud-based services and largest data centers. Whether administrators are setting up a single server for a small business or architecting a major new data center environment, Windows Server 2012 can help them “cloud optimize” their IT so they can more fully meet their organizations’ unique needs.
General
Home Page
http://www.microsoft.com/en-us/server-cloud/windows-server/default.aspx
Windows Server 2012 Overview
http://www.microsoft.com/en-us/server-cloud/windows-server/overview.aspx
What's New in Windows Server 2012
http://technet.microsoft.com/library/hh831769.aspx
Windows Server 2012 Capabilities
http://www.microsoft.com/en-us/server-cloud/windows-server/capabilities.aspx
Active Directory Domain Services
Active Directory Domain Services provides a distributed database that stores and manages information about network resources and application-specific data from directory-enabled applications. A server that is running Active Directory Domain Services is called a domain controller. Administrators can use Active Directory Domain Services to organize elements of a network, such as users, computers, and other devices, into a hierarchical containment structure. The hierarchical containment structure includes the Active Directory forest, domains in the forest, and organizational units (OUs) in each domain.
General
Active Directory Domain Services overview
http://technet.microsoft.com/en-us/library/hh831484.aspx
What's New in Active Directory Domain Services
http://technet.microsoft.com/en-us/library/hh831477.aspx
Active Directory Lightweight Directory Services
Active Directory Lightweight Directory Services is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the dependencies and domain-related restrictions of Active Directory Domain Services. Organizations can run Active Directory Lightweight Directory Services on member servers or stand-alone servers. They also can run multiple instances of Active Directory Lightweight Directory Services—each with its own independently managed schema—on one server. In addition, Active Directory Lightweight Directory Services provides directory services for directory-enabled applications without the overhead of domains and forests or the requirements of a single schema throughout a forest.
General
Active Directory Lightweight Directory Services Overview
http://technet.microsoft.com/en-us/library/hh831593.aspx
Active Directory Lightweight Directory Services Operations Guide
http://technet.microsoft.com/en-us/library/cc816635%28v=ws.10%29.aspx
Active Directory Lightweight Directory Services Getting Started/Step-By-Step Guide
http://technet.microsoft.com/en-us/library/cc770639%28v=ws.10%29.aspx
Network Policy and Access Services
Organizations can use the Network Policy and Access Services server role to deploy and configure Network Access Protection (NAP), secure wired and wireless access points, and RADIUS servers and proxies. The role also allows deploying virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With Network Policy and Access Services, administrators can define and enforce policies for network access authentication, authorization, and client health using NAP, Routing and Remote Access Services, Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP).
General
Network Policy and Access Services
http://technet.microsoft.com/en-us/windowsserver/dd448603.aspx
Network Policy and Access Services Overview
http://technet.microsoft.com/library/hh831683
Best Practices Analyzer for Network Policy and Access Services
http://technet.microsoft.com/en-us/library/ee922640%28v=ws.10%29.aspx
Group Policy Group Policy allows administrators to specify managed configurations for users and computers through Group Policy settings and Group Policy preferences. For Group Policy settings that affect only a local computer or user, administrators can use the Local Group Policy Editor. They can manage Group Policy settings and Group Policy preferences in an Active Directory Domain Services environment through the Group Policy Management Console. Group Policy management tools also are included in the Remote Server Administration Tools pack to provide a way to administer Group Policy settings from remote machines. General Group Policy Home Page
http://technet.microsoft.com/enus/windowsserver/bb310732.aspx
Group Policy Overview
http://technet.microsoft.com/library/hh831791
Designing a Group Policy Infrastructure
http://technet.microsoft.com/en-us/library/c75e3e6f-c322-4220-b205-46c6e9ba7674
Internet Information Services 8
Internet Information Services (IIS) 8 is a unified web platform that integrates IIS, ASP.NET, FTP services, PHP, and Windows Communication Foundation (WCF). With IIS 8 in Windows Server 2012, developers can customize the functionality of IIS, create applications to assist in managing IIS, and create applications that run on IIS. IIS also enables the extensibility of configuration, scripting, event logging, and administration tools, providing software developers with a complete server platform on which to build web server extensions.
General
Internet Information Services Overview
http://technet.microsoft.com/en-us/library/hh831725.aspx
Internet Information Services Development
http://msdn.microsoft.com/en-us/library/ms692515%28v=vs.90%29.aspx
Internet Information Services Extensions
http://msdn.microsoft.com/en-us/library/hh943083%28v=vs.90%29.aspx
Hyper-V
The Hyper-V role enables IT administrators to create and manage a virtualized computing environment by using virtualization technology built into Windows Server 2012. Hyper-V role deployment installs required components and, optionally, management tools. Required components include Windows hypervisor, Hyper-V Virtual Machine Management Service, and the virtualization Windows Management Instrumentation (WMI) provider, as well as other virtualization components like the virtual machine bus (VMbus), virtualization service provider (VSP) and virtual infrastructure driver (VID). Hyper-V virtualizes hardware to provide an environment in which administrators can run multiple operating systems at the same time on one physical computer by running each operating system in its own virtual machine.
General
Hyper-V Home Page
http://technet.microsoft.com/en-us/windowsserver/dd448604.aspx
Hyper-V Overview
http://technet.microsoft.com/en-us/library/hh831531
What's New in Hyper-V
http://technet.microsoft.com/library/hh831410
Hyper-V Getting Started Guide
http://technet.microsoft.com/library/cc732470%28WS.10%29.aspx
Windows Deployment Services
In Windows Server 2012, Windows Deployment Services (WDS) is a server role that enables administrators to remotely deploy Windows operating systems. Administrators can use it to set up new computers through a network-based installation. This means that administrators do not have to install each operating system directly from a CD, USB drive, or DVD. To use WDS, administrators should have a working knowledge of common desktop deployment technologies and networking components, including Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Active Directory Domain Services. It is also helpful to understand the Preboot Execution Environment (also known as the Pre-Execution Environment).
General
Windows Deployment Services Overview
http://technet.microsoft.com/en-us/library/hh831764.aspx
Windows Deployment Services Getting Started Guide
http://technet.microsoft.com/en-us/library/jj648426.aspx
Windows Deployment Services Guide
http://technet.microsoft.com/en-us/library/cc265612.aspx
Windows Firewall with Advanced Security
In Windows Server 2012, Windows Firewall with Advanced Security is an important part of a layered security model. By providing host-based, two-way network traffic filtering for a computer, Windows Firewall with Advanced Security blocks unauthorized network traffic flowing into or out of the local computer. Windows Firewall with Advanced Security also works with Network Awareness so that it can apply security settings appropriate to the types of networks to which the computer is connected. Windows Firewall and IPsec configuration settings are integrated into a single Microsoft Management Console (MMC) named Windows Firewall with Advanced Security, so Windows Firewall is also an important part of a network’s isolation strategy.
General
Windows Firewall with Advanced Security Overview
http://technet.microsoft.com/en-us/library/hh831365.aspx
Windows Firewall with Advanced Security Getting Started Guide
http://technet.microsoft.com/en-us/library/cc748991%28v=ws.10%29.aspx
Windows Firewall with Advanced Security Step-By-Step Guide
http://www.microsoft.com/en-us/download/details.aspx?id=11698
Using Windows Firewall with Advanced Security
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366418%28v=vs.85%29.aspx
Storage Spaces
Windows Server 2012 delivers sophisticated storage virtualization capabilities, empowering customers to use industry-standard storage for single computer and scalable multinode deployments. It is appropriate for a wide range of customers—from consumers using Windows 8 for personal storage, to enterprises and cloud-hosting companies using Windows Server 2012 for highly available storage that can cost effectively grow with demand.
General
Storage Spaces Overview
http://technet.microsoft.com/en-us/library/hh831739.aspx
Storage Spaces Frequently Asked Questions
http://social.technet.microsoft.com/wiki/contents/articles/11382.storage-spaces-frequently-asked-questions-faq.aspx
Deploying and Managing Storage Spaces with PowerShell
http://www.microsoft.com/en-us/download/details.aspx?id=30125
Microsoft System Center
System Center is central to the Microsoft vision of helping IT organizations benefit from self-managing, dynamic systems. Microsoft System Center solutions capture and aggregate knowledge about infrastructures, policies, processes, and best practices so that IT staff can build manageable systems and automate operations to reduce costs, improve application availability, and enhance service delivery.
General
Home Page
http://www.microsoft.com/SystemCenter/
System Center Library
http://technet.microsoft.com/hi-in/library/cc507089(en-us).aspx
System Center Operations Manager 2007 R2
Microsoft System Center Operations Manager 2007 R2 delivers end-to-end service management of applications and IT services across the data center, helping to provide greater control and insight into the health and performance of Microsoft, UNIX, and Linux servers and the workloads running on them. With System Center Operations Manager 2007 R2, organizations can reduce the cost of managing the data center and ensure delivery of IT services to expected levels.
General
What's New
http://technet.microsoft.com/en-us/library/dd362653.aspx
Getting Started
http://technet.microsoft.com/en-us/library/dd887701.aspx
Design Guide
http://technet.microsoft.com/en-us/library/dd789005.aspx
Deployment Guide
http://technet.microsoft.com/en-us/library/bb419281.aspx
System Center 2012 Operations Manager
Microsoft System Center 2012 Operations Manager provides infrastructure monitoring that is flexible and cost effective; helps to ensure the predictable performance and availability of vital applications; and offers comprehensive monitoring for the data center and cloud, both private and public.
General
Home Page
http://www.microsoft.com/systemcenter/en/us/om-vnextbeta.aspx
Overview
http://technet.microsoft.com/en-us/library/hh205987.aspx
Getting Started
http://technet.microsoft.com/en-us/library/hh509025.aspx
Deployment Guide
http://technet.microsoft.com/en-us/library/hh278852.aspx
System Center Data Protection Manager 2010
Microsoft System Center Data Protection Manager 2010 is a backup and recovery solution for Windows applications and file servers that uses seamlessly integrated disk and tape.
General
Home Page
http://technet.microsoft.com/en-us/library/ff399192.aspx
Planning and Deployment
http://technet.microsoft.com/en-us/library/ff399519.aspx
Data Protection Manager 2010 Operations
http://technet.microsoft.com/en-us/library/ff399138.aspx
System Center 2012 Data Protection Manager
Microsoft System Center 2012 Data Protection Manager provides centralized management and granular access as a few of its key features. It enables disk-based and tape-based data protection and recovery for servers such as SQL Server, Exchange Server, SharePoint, virtual servers, file servers, and support for Windows desktops and laptops. It can also centrally manage system state and Bare Metal Recovery (BMR).
General
What’s New?
http://technet.microsoft.com/en-us/edge/Video/hh285690
Planning
http://technet.microsoft.com/en-us/library/hh758140.aspx
Deploying
http://technet.microsoft.com/en-us/library/hh757823.aspx
Operations Guide
http://technet.microsoft.com/en-us/library/hh757851.aspx
Troubleshooting Guide
http://technet.microsoft.com/en-us/library/hh872921.aspx
System Center Configuration Manager 2007 R3
Microsoft System Center Configuration Manager 2007 R3 includes a complete set of power management tools, scale and performance enhancements, and mobile device management to help organizations gain better insight into and control over their IT systems.
General
Home Page
http://technet.microsoft.com/en-us/library/bb735860.aspx
What’s New
http://technet.microsoft.com/en-us/library/ff977104.aspx
Planning and Deployment
http://technet.microsoft.com/en-us/library/bb693806.aspx
System Center 2012 Configuration Manager
Microsoft System Center 2012 Configuration Manager provides a comprehensive solution for change and configuration management for the Microsoft platform. It can help end users employ the devices and applications they need to be productive, while maintaining corporate compliance and control.
General
Home Page
http://www.microsoft.com/systemcenter/en/us/configurationmanager/cm-vnext-beta.aspx
Getting Started
http://technet.microsoft.com/en-us/library/gg682144.aspx
Client Deployment
http://technet.microsoft.com/en-us/library/gg699391.aspx
Security and Privacy
http://technet.microsoft.com/en-us/library/gg682033.aspx
Documentation Library
http://technet.microsoft.com/en-us/library/gg682041.aspx
System Center Virtual Machine Manager 2008 R2
Microsoft System Center Virtual Machine Manager 2008 R2 can help organizations centrally manage physical and virtual IT infrastructure, increase server utilization, and dynamically optimize resources across multiple virtualization platforms. It includes end-to-end capabilities like planning, deploying, managing, and optimizing the virtual infrastructure.
General
Overview
http://technet.microsoft.com/hi-in/library/cc764290(en-us).aspx
Evaluation Center
http://technet.microsoft.com/en-us/evalcenter/cc793138.aspx
Technical Reference
http://technet.microsoft.com/en-us/systemcenter/vmm/ff469737.aspx
What's New in Virtual Machine Manager 2008 R2
http://technet.microsoft.com/hi-in/library/ee230429(en-us).aspx
Planning and Architecture
http://technet.microsoft.com/hi-in/library/cc764219(en-us).aspx
Operations
http://technet.microsoft.com/hi-in/library/cc764329(en-us).aspx
Deployment
http://technet.microsoft.com/hi-in/library/cc764339(en-us).aspx
System Center 2012 Virtual Machine Manager
Microsoft System Center 2012 Virtual Machine Manager is a management solution for the virtualized data center that enables organizations to configure and manage virtualized host, networking, and storage resources to create and deploy virtual machines and services to private cloud resources.
General
Home Page
http://technet.microsoft.com/en-us/library/gg610610.aspx
Getting Started
http://technet.microsoft.com/en-us/library/gg610561.aspx
Deployment
http://technet.microsoft.com/en-us/library/gg610669.aspx
Administration
http://technet.microsoft.com/en-us/library/gg610615.aspx
Configuration
http://technet.microsoft.com/en-us/library/gg675078.aspx
System Center Service Manager 2010
Microsoft System Center Service Manager 2010 is an integrated platform for automating and adapting organizations’ IT service management best practices, such as those found in the Microsoft Operations Framework and Information Technology Infrastructure Library. It provides built-in processes for resolving incidents and problems, controlling changes, and managing the asset life cycle. Through its configuration management database and process integration, System Center Service Manager automatically connects knowledge and information from System Center Operations Manager, System Center Configuration Manager, and Active Directory.
General
Overview
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2010/MGT313
Download Details
http://technet.microsoft.com/en-us/evalcenter/ee348897.aspx
System Center 2012 Service Manager
Microsoft System Center 2012 Service Manager delivers standardized, compliant, and automated IT as a service.
General
Overview
http://technet.microsoft.com/en-us/edge/Video/hh285691
Opalis
Opalis is an automation platform for arranging and integrating IT tools to reduce the cost of data center operations while improving the reliability of IT processes. Opalis helps IT organizations automate best practices, such as those found in the Microsoft Operations Framework and Information Technology Infrastructure Library. Through Opalis, workflow processes coordinate System Center and other management tools to automate incident response, change, compliance, and service life-cycle management processes.
General
Home Page
http://www.microsoft.com/systemcenter/en/us/opalis.aspx
Download Details
http://technet.microsoft.com/en-us/systemcenter/hh913943.aspx
Installing Opalis Integration Server Client without Using Deployment Manager
http://social.technet.microsoft.com/wiki/contents/articles/howto-install-opalis-integration-server-client-without-usingdeployment-manager.aspx
System Center 2012 Orchestrator
Microsoft System Center 2012 Orchestrator provides orchestration, integration, and automation of IT processes through the creation of run books that enable organizations to define and standardize best practices and improve operational efficiency.
General
Home Page
http://www.microsoft.com/systemcenter/en/us/orchestrator.aspx
Overview
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/SIM207
Installation
http://technet.microsoft.com/en-us/library/hh237242.aspx
Deployment Integration Packs
http://technet.microsoft.com/en-us/library/hh420337.aspx
Installation
http://technet.microsoft.com/en-us/library/hh420336.aspx
Download Details
http://www.microsoft.com/download/en/details.aspx?id=26503
Windows Storage Server 2008
Windows Storage Server 2008 provides file storage and print server capabilities for client and server computers in an organization’s network environment. Organizations can use storage appliances that run Windows Storage Server 2008 in failover clusters to provide high-availability storage for application servers and file storage.
General
Overview
http://technet.microsoft.com/en-us/library/dd573315(WS.10).aspx
Getting Started
http://technet.microsoft.com/en-us/library/dd573323(WS.10).aspx
Windows Storage Server 2008 R2
Windows Storage Server 2008 R2 is built on the Windows Server 2008 R2 operating system to provide a platform for network-attached storage (NAS) appliances. It is optimized to deliver better file serving. The Windows Storage Server product family provides advanced storage solutions for a range of organizations, from small businesses to enterprises. It includes storage technologies such as file deduplication, as well as an iSCSI software target for unified file services and block I/O storage.
General
Overview
http://technet.microsoft.com/en-us/library/gg232660(v=ws.10).aspx
Getting Started
http://technet.microsoft.com/en-us/library/gg214166(WS.10).aspx
Technical Reference
http://technet.microsoft.com/en-us/library/gg277981(WS.10).aspx
Windows Server AppFabric
Windows Server AppFabric is a set of application services that are focused on improving the performance and management of web, composite, and enterprise applications. To deliver these benefits, Windows Server AppFabric provides distributed caching technology and prebuilt management and monitoring infrastructure that use familiar .NET capabilities.
General
Home Page
http://msdn.microsoft.com/en-us/library/ff384253(v=azure.10).aspx
Resources
http://msdn.microsoft.com/en-us/windowsserver/ee695849.aspx
Windows Server AppFabric Concepts and Architecture
http://msdn.microsoft.com/en-us/library/ee677175.aspx
Architectural Overview
http://msdn.microsoft.com/en-us/library/ee677374.aspx
Microsoft Hyper-V Server 2008
Microsoft Hyper-V Server 2008 provides a simplified, reliable, and optimized virtualization solution that improves server use and reduces costs. Hyper-V Server is a dedicated, stand-alone product that gives organizations a small footprint with minimal overhead. IT administrators can easily plug Hyper-V Server into existing IT environments and can use existing patches, provisioning, management, support tools, processes, and capabilities.
General
Overview
http://www.microsoft.com/hyper-v-server/en/us/2008overview.aspx
FAQ
http://technet.microsoft.com/library/dd560637(WS.10).aspx
Getting to Know Hyper-V
http://technet.microsoft.com/en-us/library/ee256064(v=ws.10).aspx
Microsoft Hyper-V Server 2008 R2
Microsoft Hyper-V Server 2008 R2 provides a simplified, reliable, and optimized virtualization solution that improves server use and reduces costs. Hyper-V Server is a dedicated, stand-alone product that gives organizations a small footprint with minimal overhead. IT administrators can easily plug Hyper-V Server into existing IT environments and can use existing patches, provisioning, management, support tools, processes, and capabilities. Microsoft Hyper-V Server 2008 R2 adds features such as live migration, clusters, shared-volume support, and expanded processor and memory support for host systems.
General
Home Page
http://technet.microsoft.com/en-us/library/ee815281(v=ws.10).aspx
Get Started
http://technet.microsoft.com/hi-in/library/ee815289(en-us,WS.10).aspx
Live Migration
http://technet.microsoft.com/hi-in/library/ee815293(en-us,WS.10).aspx
General
Install and Setup
http://technet.microsoft.com/en-us/library/ee815292(v=ws.10).aspx
Deployment
http://technet.microsoft.com/hi-in/library/ee731893(en-us,WS.10).aspx
Microsoft BizTalk Server 2009
BizTalk Server 2009 helps organizations to integrate systems, automate processes, and communicate across global processes, partnerships, and supply chains.
General
Overview
http://technet.microsoft.com/en-US/library/ee299295(v=bts.10).aspx
Get Started
http://technet.microsoft.com/hi-in/library/aa560946(en-us,BTS.10).aspx
Planning and Architecture
http://technet.microsoft.com/hi-in/library/aa561091(en-us,BTS.10).aspx
Development
http://technet.microsoft.com/hi-in/library/aa559745(en-us,BTS.10).aspx
System Components Integration
This section describes the integration points of BizTalk Server 2009 with other system components.
Associated System Components
This section describes the dependencies and recommendations for BizTalk Server 2009 and highlights the capabilities as enabled directly or when integrated with another system component.
Interoperability with SQL Server 2008 R2
BizTalk Server is dependent on SQL Server 2008 R2 for the messaging tracking database and other databases. The most sensitive information, such as credential information containing details of database connection strings, user names, and passwords related to the BizTalk adapters, is stored in an encrypted format in the SSO database.
Interoperability with Core and Management Services
BizTalk Server 2009 uses the following technologies and services:
• Windows Server 2008 R2
  Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
  Active Directory Domain Services can help administrators manage user identities and relationships.
  The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
  Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
  Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
  Internet Information Services (IIS) 7.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
  The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
  Windows Deployment Services can help administrators remotely deploy Windows operating systems.
  Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
• Internet Security and Acceleration Server 2006 protects the IT environment from Internet-based threats and provides users with fast and secure remote access to applications and data.
• Windows Storage Server 2008 enables high-availability scenarios by providing backup and replication of stored data.
• Microsoft Hyper-V Server 2008 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
• System Center family helps organizations by providing IT with self-managing and monitoring of dynamic systems. System Center family provides:
  A comprehensive view of the health of the IT environment.
  Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies.
  A secure and scalable operating system, application deployment, and configuration management.
  Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines.
  A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements.
  Automated incident response, change and compliance, and service life-cycle management processes.
Microsoft BizTalk Server 2010
BizTalk Server 2010 helps organizations to integrate systems, automate processes, and communicate across global processes, partnerships, and supply chains.
General
Home Page
http://www.microsoft.com/biztalk/en/us/default.aspx
Microsoft BizTalk Server 2010 Help
http://technet.microsoft.com/hi-in/library/aa548004(en-us,BTS.70).aspx
Planning and Architecture
http://technet.microsoft.com/hi-in/library/aa561091(en-us,BTS.70).aspx
Development
http://technet.microsoft.com/hi-in/library/aa559745(en-us,BTS.70).aspx
Deployment
http://technet.microsoft.com/hi-in/library/aa548040(en-us,BTS.70).aspx
Operations
http://technet.microsoft.com/hi-in/library/aa561973(en-us,BTS.70).aspx
System Components Integration
This section describes the integration points of BizTalk Server 2010 with other system components.
Associated System Components
This section describes the dependencies and recommendations for BizTalk Server 2010 and highlights the capabilities as enabled directly or when integrated with another system component.
Interoperability with SQL Server 2012
BizTalk Server is dependent on SQL Server 2012 for the messaging tracking database and other databases. The most sensitive information, such as credential information containing details of database connection strings, user names, and passwords related to the BizTalk adapters, is stored in an encrypted format in the SSO database.
Interoperability with Core and Management Services
BizTalk Server 2010 uses the following technologies and services:
• Windows Server 2012
  Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
  Active Directory Domain Services can help administrators manage user identities and relationships.
  The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
  Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
  Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
  Internet Information Services (IIS) 8.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
  The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
  Windows Deployment Services can help administrators remotely deploy Windows operating systems.
  Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
  Storage Spaces enables virtualized storage capabilities by grouping industry-standard disks into storage pools, and then creating virtual disks called storage spaces from the available capacity in the storage pools.
• Forefront Threat Management Gateway 2010 protects the IT environment from Internet-based threats and provides users with fast and secure remote access to applications and data.
• Windows Storage Server 2008 R2 enables high-availability scenarios by providing backup and replication of stored data.
• Microsoft Hyper-V Server 2008 R2 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
• System Center family helps organizations by providing IT with self-managing and monitoring of dynamic systems. System Center family provides:
  A comprehensive view of the health of the IT environment.
  Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies.
  A secure and scalable operating system, application deployment, and configuration management.
  Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines.
  A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements.
  Automated incident response, change and compliance, and service life-cycle management processes.
CLIENT TECHNOLOGIES
This section contains links to the client technologies that Table 1 references.
Microsoft Office 2007
The 2007 Microsoft Office system provides a comprehensive tool set for people to gather and consolidate virtually any type of information. People can then more easily share information with others across geographical or organizational boundaries to deliver better results faster.
General
Get Started with Office 2007
http://office.microsoft.com/en-us/support/getting-started-withmicrosoft-office-2007-FX101839657.aspx
Use Enterprise Deployment Tools for the 2007 Office System
http://technet.microsoft.com/en-us/library/cc303382(office.12).aspx
Deployment
http://technet.microsoft.com/hi-in/library/cc178982(en-us,office.12).aspx
Security and Protection for the 2007 Office Release
http://technet.microsoft.com/en-us/library/cc179135(office.12).aspx
Operations for the 2007 Office Release
http://technet.microsoft.com/en-us/library/cc179068(office.12).aspx
Get Started with Office 2007 development
http://msdn.microsoft.com/hi-in/office/aa905363(en-us).aspx
Build Composite Applications by Using Microsoft Office System
http://msdn.microsoft.com/en-us/architecture/bb220802.aspx
Office Download Center
http://www.microsoft.com/office/downloads/
Microsoft Office Outlook 2007, Microsoft Office Word 2007, Microsoft Office Excel 2007, and Microsoft Office PowerPoint 2007
Microsoft Office Outlook Home Page
http://office.microsoft.com/en-us/training/up-to-speed-withoutlook-2007-RZ010115400.aspx
Microsoft Office Excel Home Page
http://office.microsoft.com/en-us/excel-help/up-to-speed-withexcel-2007-RZ010062103.aspx
Microsoft Office Word Home Page
http://office.microsoft.com/en-us/help/up-to-speed-with-word2007-RZ010066490.aspx
Microsoft Office PowerPoint Home Page
http://office.microsoft.com/en-us/training/up-to-speed-withpowerpoint-2007-RZ010068986.aspx
Microsoft Office Outlook Training
http://office.microsoft.com/en-us/training/outlook-2007training-courses-HA010218867.aspx
Microsoft Office Excel Training
http://office.microsoft.com/en-us/training/excel-2007-trainingcourses-HA010218987.aspx
Microsoft Office Word Training
http://office.microsoft.com/en-us/word-help/word-2007training-courses-HA010215566.aspx
Microsoft Office PowerPoint Training
http://office.microsoft.com/en-us/training/powerpoint-2007training-courses-HA010218498.aspx
Excel 2007 Development
http://msdn.microsoft.com/hi-in/office/aa905419(en-us).aspx
Outlook Developer Center
http://msdn.microsoft.com/en-us/library/office/bb176810(v=office.12)
Word 2007 Development
http://msdn.microsoft.com/hi-in/office/aa905490(en-us).aspx
PowerPoint 2007 Development
http://msdn.microsoft.com/library/bb251391(v=office.12)
Microsoft Office 2010
Microsoft Office 2010 combines the tools people need to create, edit, and share documents from virtually anywhere. It provides people at home or work with a comprehensive tool set to gather and consolidate virtually any type of information, which they can easily share with others across geographical or organizational boundaries to deliver better results faster.
General
Home Page
http://office.microsoft.com/en-us/products/
Discover and Explore Microsoft Office 2010
http://technet.microsoft.com/office/ee691942.aspx
Plan the Deployment
http://technet.microsoft.com/hi-in/library/cc179137(en-us,office.14).aspx
Configure and Deploy
http://technet.microsoft.com/hi-in/library/cc178982(en-us,office.14).aspx
Developer Center
http://msdn.microsoft.com/hi-in/office/ee513173(en-us).aspx
Maintain and Update
http://technet.microsoft.com/hi-in/library/cc179068(en-us,office.14).aspx
Technical Reference
http://technet.microsoft.com/hi-in/library/cc179032(en-us,office.14).aspx
Secure and Protect
http://technet.microsoft.com/hi-in/library/cc179135(en-us,office.14).aspx
Microsoft Outlook 2010, Microsoft Word 2010, Microsoft Excel 2010, and Microsoft PowerPoint 2010
Microsoft Outlook Home Page
http://office.microsoft.com/en-us/outlook/
Microsoft Excel Home Page
http://office.microsoft.com/en-us/excel/
Microsoft Word Home Page
http://office.microsoft.com/en-us/word/
Microsoft PowerPoint Home Page
http://office.microsoft.com/en-us/powerpoint/
What's New in Office 2010?
http://office.microsoft.com/en-us/products/whats-new-inoffice-2010-FX102459418.aspx
Microsoft Office Outlook Help and How-To
http://office.microsoft.com/en-us/outlook-help/
Microsoft Office Excel Help and How-To
http://office.microsoft.com/en-us/excel/FX100646951033.aspx
Microsoft Office Word Help and How-To
http://office.microsoft.com/en-us/word/FX100649251033.aspx
Microsoft Office PowerPoint Help and How-To
http://office.microsoft.com/en-us/powerpoint/FX100648951033.aspx
Excel 2010 Deployment
http://msdn.microsoft.com/en-us/office/ff963563.aspx
Word 2010 Deployment
http://msdn.microsoft.com/en-us/office/ff972307.aspx
PowerPoint 2010 Deployment
http://msdn.microsoft.com/en-us/office/gg502922.aspx
Office 2010 Training
http://office.microsoft.com/en-us/support/trainingFX101782702.aspx
Microsoft Office Visio 2007 Microsoft Office Visio 2007 can help organizations visualize, explore, and communicate complex information, systems, and processes.
General Beginner’s Guide
http://office.microsoft.com/en-us/visio-help/a-beginner-sguide-to-visio-2007-HA010214494.aspx
Visio 2007 Development
http://msdn.microsoft.com/hi-in/office/aa905480(en-us).aspx
Microsoft Visio 2010 Microsoft Visio 2010 provides advanced diagramming tools that help simplify complexity through dynamic, data-driven visuals and more effective ways to share content on the web in real time. General Home Page
http://office.microsoft.com/en-us/visio/
Top 10 Reasons to Try Visio 2010
http://office.microsoft.com/en-us/visio/top-10-reasons-to-tryvisio-2010-HA101805356.aspx
Visio 2010 Resources
http://technet.microsoft.com/en-us/office/ee236295.aspx
Microsoft Office Project 2007 Microsoft Office Project 2007 provides robust project management tools that have the right blend of usability, power, and flexibility to manage projects more efficiently and effectively. People can stay informed and control project work, schedules, and finances; keep project teams aligned; and be more productive through Office Project 2007 interoperability with familiar Microsoft Office system programs, powerful reporting, guided planning, and flexible tools. General Developer Portal
http://msdn.microsoft.com/hi-in/office/aa905472(en-us).aspx
Project Demo
http://office.microsoft.com/en-us/project/CH100740881033.aspx
Technical References
http://technet.microsoft.com/en-us/library/cc303399(office.12).aspx
SDK Documentation
http://msdn.microsoft.com/en-us/library/ms512767(v=office.12).aspx
Microsoft Project 2010 Microsoft Project 2010 offers flexibility and choice for individuals, teams, and the enterprise to effectively manage all types of work—from simple tasks to complex projects and programs. General Home Page
http://www.microsoft.com/project/2010/en/us/default.aspx
Get Started
http://office.microsoft.com/en-us/support/getting-started-withoffice-2010-FX101822272.aspx
Developer Portal
http://msdn.microsoft.com/en-us/office/aa905469.aspx
SDK Documentation
http://msdn.microsoft.com/en-us/library/ms512767(office.14).aspx
Forefront Endpoint Protection 2010 Forefront Endpoint Protection 2010 can help organizations simplify and improve protection of desktop and server operating systems while greatly reducing infrastructure costs. It builds on System Center Configuration Manager 2007 to enable organizations to use existing client management infrastructure to deploy and maintain endpoint protection. This shared infrastructure helps reduce ownership costs while improving visibility and control over endpoint management and security. Forefront Endpoint Protection 2010 protects against known and unknown threats with endpoint inspection at the application, file, and network layers. General Overview
http://technet.microsoft.com/en-us/library/ff823816.aspx
Technical Resources
http://www.microsoft.com/forefront/endpointprotection/en/us/technical-resources.aspx
Evaluation
http://technet.microsoft.com/en-us/evalcenter/ff182914.aspx
Download
http://www.microsoft.com/en-us/download/details.aspx?id=7022
System Center 2012 Endpoint Protection Microsoft System Center 2012 Endpoint Protection allows organizations to consolidate desktop security and management in a single solution. It provides an antimalware and security solution for the Microsoft platform. Built on System Center 2012 Configuration Manager, System Center 2012 Endpoint Protection provides a comprehensive enterprise management solution that enables an organization to centrally deploy endpoint protection to client systems, configure and manage policies and firewall settings through role-based access, and automatically deploy updates. Microsoft System Center 2012 Endpoint Protection also sends out email notifications to IT when computers are affected by malware. General Home Page
http://www.microsoft.com/en-us/server-cloud/systemcenter/endpoint-protection-2012.aspx
Overview
http://technet.microsoft.com/en-us/library/hh508836.aspx
Planning for Endpoint Protection
http://technet.microsoft.com/library/hh508763.aspx
Configuring Endpoint Protection
http://technet.microsoft.com/library/hh508764.aspx
Operations and Maintenance for Endpoint Protection
http://technet.microsoft.com/library/hh508772.aspx
Windows 7 Windows 7 is the most advanced Windows operating system for business PCs, and is designed to meet the evolving needs of the users and IT professionals—both in and out of the office. With exclusive features and benefits, Windows 7 can lower total cost of ownership by helping users stay productive virtually anywhere, enhancing security and control, and simplifying PC management across organizations. General Home Page
http://www.microsoft.com/windows/windows-7/default.aspx
General Get Started
http://technet.microsoft.com/hi-in/library/dd349335(en-us,WS.10).aspx
Planning and Architecture
http://technet.microsoft.com/hi-in/library/dd799262(en-us,WS.10).aspx
Deployment
http://technet.microsoft.com/hi-in/library/dd349337(en-us,WS.10).aspx
Help and How-To
http://windows.microsoft.com/en-US/windows7/help
Windows 8 Windows 8 operating system is built on the foundation of Windows 7 and has improved security and reliability features. Windows 8 is fast and it is made to work on a variety of form factors—especially the new generation of touch devices. Windows 8 delivers experiences users want, offers new possibilities for mobile productivity, and provides IT with a more secure, easy-to-manage infrastructure. General Home Page
http://windows.microsoft.com/en-US/windows/home
Get Started
http://windows.microsoft.com/en-US/windows-8/get-started
Planning and Architecture
http://technet.microsoft.com/en-us/windows/hh974335
Deployment
http://technet.microsoft.com/en-us/library/hh825230.aspx
FAQ
http://windows.microsoft.com/en-US/windows-8/faq
Offline Files Offline Files makes network files available to a user, even if the network connection to the server is unavailable or slow. When working online, file access performance is at the speed of the network and server. When working offline, files are retrieved from the Offline Files folder at local access speeds. General Home Page
http://msdn.microsoft.com/library/cc296092.aspx
Offline Files Overview
http://technet.microsoft.com/en-us/library/hh848267.aspx
Deploy Offline Files
http://technet.microsoft.com/en-us/library/jj649074.aspx
Enable the Always Offline Mode to provide Faster Access to Files
http://technet.microsoft.com/en-us/library/hh968298.aspx
Disable Offline Files on Individual Redirected Folders
http://technet.microsoft.com/en-us/library/jj154097.aspx
CLOUD TECHNOLOGIES This section contains links to the cloud technologies that Table 1 references.
Business Productivity Online Standard (BPOS) Suite Business Productivity Online Standard (BPOS) Suite is a set of enterprise products delivered as a subscription service, hosted by Microsoft and sold with partners. It is designed for companies who have managed IT needs. The suite includes Exchange Online, Office SharePoint Online, Office Communications Online, Forefront Online Protection for Exchange, and Office Live Meeting. General Home Page
http://www.microsoft.com/online/business-productivity.aspx
Transition to Office 365
http://www.microsoft.com/online/transition-center_before.aspx
Administration
http://www.microsoft.com/online/help/en-us/helphowto/Administration.htm
Migration and Synchronization
http://www.microsoft.com/online/help/en-us/helphowto/Migration-Synchronization.htm
Office 365 Office 365 is an online subscription service that provides email, shared calendars, the ability to create and edit documents online, instant messaging, web conferencing, a public website for your business, and internal team sites—all accessible from virtually anywhere from nearly any device. General Home Page
http://www.microsoft.com/en-us/office365/online-software.aspx
Get Started
http://technet.microsoft.com/en-US/office365
Deployment
http://technet.microsoft.com/en-us/library/hh852466.aspx
Development
http://technet.microsoft.com/en-us/library/hh852466.aspx
Microsoft SharePoint Online Microsoft SharePoint Online gives businesses a highly secure, central location where employees can more efficiently collaborate with team members, find organizational resources, manage content and workflow, and gain business insight to make better-informed decisions. Employees can create and manage custom, team-focused, and project-focused intranet sites to collaborate and share documents. General Home Page
http://www.microsoft.com/en-us/office365/sharepointonline.aspx#fbid=HvI_5fUsa4z
SharePoint Site Collections
http://www.microsoft.com/online/help/en-us/helphowto/05a88822-3eab-4d97-91c1-e6244fd10c52.htm
Infrastructure Planning and Design Guides for Microsoft Online Services
http://technet.microsoft.com/hi-in/solutionaccelerators/ee424804(en-us).aspx
Develop for Microsoft SharePoint 2010 Online
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/OSP210
Windows Azure Platform Windows Azure platform offers a flexible, familiar environment for developers to create cloud applications and services. With Windows Azure, organizations can shorten their time to market and adapt as demand for their services grows. General Home Page
http://www.microsoft.com/windowsazure/
Quick Guide
http://msdn.microsoft.com/en-us/library/dd163896.aspx
Development
http://social.msdn.microsoft.com/Forums/en-US/windowsazuredevelopment/threads
Windows Azure Windows Azure is an operating system in Microsoft Cloud Services that serves as the development, service hosting, and service management environment for the Windows Azure platform. Windows Azure provides developers with on-demand compute and storage to host, scale, and manage web applications on the Internet through Microsoft data centers. General Home Page
http://www.microsoft.com/windowsazure/windowsazure/
Overview
http://msdn.microsoft.com/en-us/library/windowsazure/dd163896.aspx
Get Started
http://www.windowsazure.com/en-us/develop/overview/
Plan and Design Applications
http://msdn.microsoft.com/en-us/library/windowsazure/hh674495
System Components Integration This section describes the integration points of Windows Azure with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Windows Azure in integration with other system components. Enabling services to navigate firewalls or network boundaries Service Bus provides network infrastructure to help users connect applications over the Internet, using a variety of different messaging patterns that cross firewalls and NAT devices without losing security.
AppFabric Windows Azure platform AppFabric helps developers connect applications and services in the cloud or on-premises. This capability includes applications that run on Windows Azure, Windows Server, and other platforms including Java, Ruby, and PHP. AppFabric provides a service bus for connectivity across network and organizational boundaries, and access control for federated authorization as a service. General
Download
http://www.microsoft.com/en-us/download/details.aspx?id=27421
Integration with Windows Azure AppFabric
http://social.technet.microsoft.com/wiki/contents/articles/7930.mscrm2011-integration-with-windows-azure-appfabric-part1.aspx
System Components Integration This section describes the integration points of Windows Azure AppFabric with other system components.
Usage Scenarios Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries AppFabric helps users more easily connect on-premises applications with the cloud. AppFabric Access Control and Service Bus provide core functionality related to secure application connectivity. AppFabric Access Control Service simplifies the authentication and authorization processes in web applications and services. AppFabric Service Bus helps users expose application or service functionality across a variety of network-related constraints and establishes connectivity and flexible communication among applications. The primary feature of the Service Bus is to “relay” messages from clients through the Windows Azure cloud to software running on-premises, bypassing any firewalls, network address translations (NATs), or other network obstacles that might be in the way. The Service Bus can also help negotiate direct connections between applications.
Active Directory Access Control Active Directory Access Control is a modern, REST-based service that provides identity management and access control capabilities for your cloud applications. It provides a cloud-based identity provider that easily integrates with an organization’s on-premises AD deployments and provides full support of third-party identity providers. Active Directory Access Control capabilities include a cloud-based store for directory data and a core set of identity services including user logon processes, authentication, and federation services. General Download
http://www.microsoft.com/en-us/download/details.aspx?id=27421
Integration with Windows Azure AppFabric
http://social.technet.microsoft.com/wiki/contents/articles/7930.mscrm2011-integration-with-windows-azure-appfabric-part1.aspx
Microsoft SQL Azure Microsoft SQL Azure Database is a cloud-based relational database service built on Microsoft SQL Server technologies. It provides a highly available, scalable, multitenant database service hosted by Microsoft in the cloud. SQL Azure Database helps simplify provisioning and deployment of multiple databases.
General Windows Azure SQL Database
http://msdn.microsoft.com/en-us/library/windowsazure/ee336279.aspx
Data Management
http://www.windowsazure.com/en-us/home/features/datamanagement/
SQL Azure Data Sync
http://social.technet.microsoft.com/wiki/contents/articles/sqlazure-data-sync-overview.aspx
Migrate Databases to SQL Azure
http://msdn.microsoft.com/en-us/library/ee730904.aspx
Development
http://msdn.microsoft.com/en-us/library/ee336225.aspx
System Components Integration This section describes the integration points of Windows Azure platform with other system components.
Usage Scenarios This section describes the usage scenarios as supported by the Windows Azure platform in integration with other system components. Highly available, scalable, multitenant storage service in the cloud
Interoperability with SQL Server 2008 R2 / 2012 Microsoft SQL Azure Database is a cloud-based, relational database service built on SQL Server technologies. It provides a highly available, scalable, multitenant database service hosted by Microsoft in the cloud. SQL Azure Database helps organizations provision and deploy multiple databases, and helps developers avoid installing, setting up, patching, or managing any software. It features high availability and fault tolerance, requires no physical administration, and supports Transact-SQL (T-SQL). Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Relational data model in the cloud that provides connectivity with existing on-premises storage
Interoperability with SQL Server 2008 R2 / 2012 SQL Azure provides a familiar environment for database programmers. The objects that are created in SQL Azure Database are the same as those in a SQL Server database. Both SQL Server and SQL Azure Database use the Transact-SQL language for database creation and data manipulation. Database developers and administrators can quickly become productive in SQL Azure by using their existing expertise. Developers can use existing knowledge in T-SQL development and a familiar relational data model for symmetry with existing on-premises databases.
Self-managing capability to provision data services with built-in fault tolerance SQL Azure Database offers the high availability and functionality of an enterprise data center without the administrative costs associated with on-premises solutions. Administrators can provision necessary data storage in minutes and quickly respond to changes in demand. This reduces the initial costs of data services by helping organizations to provision only what they need with the ability to extend the cloud-based data storage.
All information held in Windows Azure storage is replicated three times. These replications allow fault tolerance, so organizations can lose one copy of the information without losing all copies. The system provides strong consistency, helping to ensure that applications read the exact data they write. Creation, prototyping, and deployment of applications that integrate data across the organization SQL Azure offers a rich, relational programming model and uses a familiar data access protocol and simple deployment options. SQL Azure removes infrastructure obstacles, giving developers more freedom to innovate and experiment with new ways of sharing data. The Windows Azure Platform provides a fully interoperable environment that supports industry standards and web protocols, including REST, SOAP, and XML. To build applications and services on Windows Azure, developers can use their existing Microsoft Visual Studio expertise. Organizations can deploy Windows Azure applications to upload their services’ packages and configuration files to the hosting fabric.
Microsoft Online Backup Service Microsoft Online Backup Service is a cloud-based backup service for Windows Server 2012 that IT administrators in an organization can use to back up files and folders in the cloud in order to provide off-site protection against data loss. It delivers business continuity benefits by providing a backup solution that requires no initial hardware costs other than a broadband Internet connection. Microsoft Online Backup Service can be used to schedule file and folder backups from on-premises servers to the cloud. To transfer data between servers running Windows Server 2012 and Microsoft Online Backup Service, you can use the Microsoft Online Backup Service Agent or the Online Backup cmdlets for Windows PowerShell. General Overview
http://technet.microsoft.com/en-us/library/hh831419
Manage
http://technet.microsoft.com/en-us/library/hh831590
Administer
http://technet.microsoft.com/en-us/library/hh831765.aspx
System Components Integration This section describes the integration points of Microsoft Online Backup Service with other system components.
Usage Scenarios This section describes the usage scenarios supported by Microsoft Online Backup Service. Highly available, scalable, multitenant storage service in the cloud Microsoft Online Backup Service is a cloud-based backup solution which allows files and folders to be backed up and recovered from the cloud, with a simple user interface to configure and monitor the backups. Microsoft Online Backup Agent performs incremental backups by tracking file and block-level changes and only transferring the changed blocks. It accepts and implements retention policies to recycle backups that exceed the desired retention range.
DEVELOPMENT TOOLS This section contains links to the development tools that Table 1 references.
Microsoft .NET Framework 4.0 The Microsoft .NET Framework is the Windows developer platform that connects information, people, systems, and devices. The Microsoft .NET Framework provides the foundation for productively building connected and appealing applications on a wide variety of systems from the device to the data center. General Home Page
http://www.microsoft.com/net/default.aspx
Microsoft .NET Framework 4
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=17851
Visual Studio Team Foundation Server 2010 Microsoft Visual Studio Team Foundation Server 2010 is the collaboration platform at the core of Microsoft’s application life-cycle management solution that automates the software delivery process and enables organizations to effectively manage software development projects throughout the IT life cycle. General Home Page
http://www.microsoft.com/visualstudio/en-gb/products/2010editions/team-foundation-server
System Components Integration This section describes the integration points of Visual Studio Team Foundation Server 2010 with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Visual Studio Team Foundation Server 2010 in integration with other system components. Creation, prototyping, and deployment of applications that integrate data across the organization Team Foundation Server (TFS) is intended for collaborative software development projects. Users can run, monitor, and manage builds using Team Foundation Build to compile code and run tests. Users can also quickly prototype a new or modified interface.
Visual Studio 11 Team Foundation Server Visual Studio 11 Team Foundation Server (TFS) is the collaboration platform at the core of Microsoft's application life-cycle management (ALM) solution. TFS supports agile development practices, multiple IDEs and platforms locally or in the cloud, and gives you the tools you need to effectively manage software development projects throughout the IT life cycle. General Home Page
http://www.microsoft.com/visualstudio/eng/products/visualstudio-team-foundation-server-2012
System Components Integration This section describes the integration points of Visual Studio 11 Team Foundation Server with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Visual Studio 11 Team Foundation Server in integration with other system components. Creation, prototyping, and deployment of applications that integrate data across the organization Team Foundation Server (TFS) is intended for collaborative software development projects. Users can run, monitor, and manage builds using Team Foundation Build to compile code and run tests. Users can also quickly prototype a new or modified interface.
Microsoft Visual Studio Team System 2008 Microsoft Visual Studio Team System 2008 Team Suite provides an integrated set of tools for architecture, design, development, database development, and testing of applications. By using the suite, information workers can collaborate more effectively and use a complete set of tools and guidance at every step of the application life cycle. General Overview
http://www.microsoft.com/downloads/details.aspx?FamilyId=D95598D7-AA6E-4F24-82E3-81570C5384CB&displaylang=en
Testing Tools
http://msdn.microsoft.com/en-us/library/ms243146(v=VS.90).aspx
Development Edition
http://msdn.microsoft.com/en-us/library/47f7hz7y(v=VS.90).aspx
Architecture Edition
http://msdn.microsoft.com/en-us/library/57b85fsc(v=VS.90).aspx
Installer
http://www.microsoft.com/downloads/details.aspx?familyid=FBEE1648-7106-44A7-9649-6D9F6D58056E&displaylang=en
System Components Integration This section describes the integration points of Visual Studio Team System 2008 with other system components.
Usage Scenarios This section describes the usage scenarios supported by Visual Studio Team System 2008. Creation, prototyping, and deployment of applications that integrate data across the organization
Interoperability with SQL Server 2008 R2 Visual Studio offers database design and development tools in an integrated development environment, helping developers to visually design data relationships, filter SQL statements, edit SQL code, and run database queries in the development environment itself.
Microsoft Visual Studio Team System 2010 Microsoft Visual Studio Team System 2010 is a platform for productive, integrated, and extensible software development life-cycle tools. With Visual Studio Team System 2010, organizations can develop custom websites to provide employee training and help software teams improve communication and collaboration throughout the software development process. General Home Page
http://www.microsoft.com/visualstudio/eng/products/visualstudio-2010-express
Overview
http://msdn.microsoft.com/en-us/library/dd831853(v=vs.100).aspx
Install and Maintain
http://msdn.microsoft.com/en-us/library/e2h7fzkw(VS.100).aspx
Get Started
http://msdn.microsoft.com/en-us/library/ms165079(VS.100).aspx
System Components Integration This section describes the integration points of Visual Studio Team System 2010 with other system components.
Usage Scenarios This section describes the usage scenarios supported by Visual Studio Team System 2010. Creation, prototyping, and deployment of applications that integrate data across the organization
Interoperability with SQL Server 2012 Visual Studio offers database design and development tools in an integrated development environment, helping developers to visually design data relationships, filter SQL statements, edit SQL code, and run database queries in the development environment itself.
Visual Studio 11 Visual Studio 11 is the comprehensive and integrated application development and management solution for organizations developing and operating highly scalable software applications and services. It enables developers to create multi-tier applications across the web, cloud, and devices including capabilities of Windows 8, the web, SharePoint, mobile, cloud development, and application management lifecycle tools to help software teams improve communication and collaboration throughout the software development process. General Home Page
http://www.microsoft.com/visualstudio/eng/products/visualstudio-overview
Development Center
http://msdn.microsoft.com/en-us/library/windows/apps/br211384.aspx
Resources
http://msdn.microsoft.com/en-us/library/dd831853.aspx
System Components Integration This section describes the integration points of Visual Studio 11 with other system components.
Usage Scenarios This section describes the usage scenarios supported by Visual Studio 11. Creation, prototyping, and deployment of applications that integrate data across the organization
Interoperability with SQL Server 2012 Visual Studio offers database designing and development tools in an integrated development environment, helping developers to visually design data relationships, filter SQL statements, edit SQL code, and run database queries in the development environment itself.
Windows Communications Foundation (WCF) Services Windows Communication Foundation (WCF) is Microsoft's next-generation programming platform and runtime system for building, configuring, and deploying network-distributed services. It provides a unified framework for creating more secure, reliable, transacted, and interoperable service-oriented applications. Organizations use WCF Services to send data as asynchronous messages, as simple as a single character or word sent as XML, or as complex as a stream of binary data, from one service endpoint to another. General Overview
http://msdn.microsoft.com/en-us/library/bb907578.aspx
Building WCF Services
http://msdn.microsoft.com/en-us/library/aa480190.aspx
Resources
http://msdn.microsoft.com/en-us/library/dd456779.aspx
TOOLS This section contains links to the tools that Table 1 references.
Microsoft Assessment and Planning Toolkit 6.0/6.5 The Microsoft Assessment and Planning (MAP) Toolkit is an agent-less inventory, reporting, and multiproduct planning and assessment tool that helps organizations more securely assess IT environments or infrastructure for various platform migrations and determine the right Microsoft technologies that IT needs. Organizations use this solution to accelerate their IT infrastructure planning process, and gather more detail on assets that reside within their current environment. It also provides private and public cloud planning assessments and server utilization data for Hyper-V server virtualization planning, including ROI analysis for server consolidation with Hyper-V. General Overview
http://technet.microsoft.com/en-us/library/bb977556.aspx
Resources
http://technet.microsoft.com/en-us/solutionaccelerators/dd537566.aspx
Getting Started
http://go.microsoft.com/fwlink/?LinkId=158130
Download
http://www.microsoft.com/en-us/download/details.aspx?id=7826
Microsoft Security Assessment Tool The Microsoft Security Assessment Tool can help organizations assess weaknesses in their current IT security environments, reveal a prioritized list of potential problems, and help specify how to minimize security risks. General Overview
http://technet.microsoft.com/en-us/security/cc185712.aspx
Download Center
http://www.microsoft.com/downloads/details.aspx?FamilyId=CD057D9D-86B9-4E35-9733-7ACB0B2A3CA1&displaylang=en
Microsoft Software Inventory Analyzer 5.0/5.1 Microsoft Software Inventory Analyzer 5.0/5.1 can help organizations use software inventory as a starting point for working with software asset management. Organizations can use Microsoft Software Inventory Analyzer 5.0/5.1 to scan and inventory the Microsoft software installed on a single computer or on multiple computers throughout a network. Microsoft Software Inventory Analyzer 5.0/5.1 generates a report that provides details about all installed Microsoft products, including the type and the number of licenses. General Overview
http://www.microsoft.com/en/gb/sam/msia.aspx
Download Center
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=c25884f2-9ab6-419f-a22f-d39225eac339
Microsoft Deployment Toolkit 2010 Microsoft Deployment Toolkit 2010 provides a common console with the comprehensive tools and guidance needed to efficiently manage deployment of Windows 7 and Windows Server 2008 R2. Microsoft Deployment Toolkit 2010 is the recommended process and tool set to automate desktop and server deployment, and it provides detailed guidance and job aids for every organizational role involved with large-scale deployment projects. General Overview
http://technet.microsoft.com/en-us/solutionaccelerators/dd407791.aspx
Microsoft Deployment Toolkit—Next Generation
http://download.microsoft.com/download/F/3/3/F33D91DF-D6E3-442A-9E20-5A39C82111FD/ITPro_Client_Infrastructure/MS_Deployment_Toolkit_Ramalinga.pdf
Microsoft Deployment Toolkit 2012 Microsoft Deployment Toolkit 2012 provides a common console with comprehensive tools and guidance to automate large-scale Windows and Office deployments, making it a recommended process and toolset. It supports deployment capabilities for the latest software releases, including Windows 8, Windows Server 2012, Windows 7, Office 365, Office 2010, and Windows Server 2008 R2. Microsoft Deployment Toolkit 2012 provides unified tools along with improved security and ongoing configuration management.
General Product Overview
http://technet.microsoft.com/en-us/solutionaccelerators/dd407791.aspx
What’s New
http://download.microsoft.com/download/b/3/a/b3a89fae-f7bf-4e7c-b208-223b991e9c30/Whats%20New%20in%20MDT%20Guide.docx
Microsoft Deployment Toolkit— Resources
http://technet.microsoft.com/en-us/library/ee376932.aspx
Windows Automated Installation Kit
Windows Automated Installation Kit helps original equipment manufacturers, system builders, and corporate IT professionals deploy Windows onto new hardware. The Windows Automated Installation Kit is a set of deployment tools that supports the latest release of Windows.
General
Overview
http://technet.microsoft.com/en-us/library/cc748933(WS.10).aspx
User’s Guide
http://technet.microsoft.com/en-us/library/cc749528(WS.10).aspx
Deployment Tools Technical Reference
http://technet.microsoft.com/en-us/library/cc766376(WS.10).aspx
Security Compliance Management Toolkit
Microsoft Security Compliance Management Toolkit centralizes security baseline management features and provides a baseline portfolio, customization capabilities, and security baseline export flexibility to help organizations efficiently manage the security and compliance process for the most widely used Microsoft technologies.
General
Overview
http://technet.microsoft.com/en-us/library/cc514539.aspx
Download Center
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=16776
Microsoft Security Compliance Manager
Microsoft Security Compliance Manager enables IT admins to quickly configure and manage computers, the traditional datacenter, and the private cloud using Group Policy and Microsoft System Center Configuration Manager. SCM provides ready-to-deploy policies and DCM configuration packs that are tested and fully supported. These baselines are based on Microsoft Security Guide recommendations and industry best practices, allowing IT admins to manage configuration drift, address compliance requirements, and reduce security threats.
General
Homepage
http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx
Download
http://www.microsoft.com/en-us/download/details.aspx?id=16776
What’s New
http://technet.microsoft.com/en-us/library/cc677002.aspx
Compliance Management Libraries/2.0
IT Compliance Management Libraries provide prescriptive guidance that helps IT professionals to configure Microsoft products to address specific IT governance, risk, and compliance (GRC) requirements. The Compliance Management Libraries are available for Windows Server 2008, Windows Server 2008 R2, Windows 7, and Microsoft System Center. These libraries help to bridge the knowledge gap for IT pros by translating auditor expectations into real IT tasks through the use of control activities that are specific to a particular technology or platform.
General
Download Center
http://www.microsoft.com/en-gb/download/details.aspx?id=18416
Data Classification Toolkit
The Data Classification Toolkit provides support for configuring data compliance on file servers running Windows Server to help automate the file classification process and make file management more efficient in the organization. The toolkit allows provisioning and standardizes central access policy across a forest and applies default access policies on the file servers. The toolkit also provides tools to provision user and device claim values based on Active Directory Domain Services (AD DS) resources, which helps simplify configuring Dynamic Access Control in Windows Server 2012.
General
Overview
http://technet.microsoft.com/en-us/library/hh204743.aspx
Download Center
http://www.microsoft.com/en-us/download/details.aspx?id=27123
Important information about the Data Classification Toolkit
http://technet.microsoft.com/en-us/library/hh367453.aspx
IT Governance, Risk, and Compliance Process Management Pack /2.0
The Microsoft IT GRC Process Management Pack for System Center Service Manager provides end-to-end compliance management and automation for desktop and data center computers. Deeply integrated with Microsoft System Center Service Manager, the IT GRC Process Management Pack translates complex regulations and standards into authoritative control objectives and control activities for the IT organization’s compliance program.
General
Overview
http://technet.microsoft.com/en-us/library/gg176679.aspx
Download Center
http://www.microsoft.com/en-us/download/details.aspx?id=4953
System Center Process Pack for IT GRC
http://technet.microsoft.com/en-us/library/dd206732.aspx
BizTalk ESB Toolkit
BizTalk ESB Toolkit is a collection of tools and libraries that extend the capabilities of BizTalk Server 2010 to support a loosely coupled and dynamic messaging architecture. It functions as middleware that provides tools for rapid mediation between services and their consumers. It also provides key building blocks such as endpoint run-time discovery and virtualization, loosely coupled service composition, dynamic message transformation and translation, and dynamic routing.
General
Overview
http://msdn.microsoft.com/en-us/library/ff699598.aspx
Installation
http://msdn.microsoft.com/en-us/library/ee384248(v=bts.10).aspx
BizTalk ESB Toolkit Core Components
http://www.microsoft.com/en-us/download/details.aspx?id=14293
Phase 2
This section provides the definition, Optimization mapping, technology mapping, logical architecture, illustrative physical architecture, system components, and references to plan, develop, and deploy Phase 2.
Envision the Solution
This section provides the definition for Phase 2 and other useful information, such as starting points, to help you envision your solution’s definition, Optimization mapping, and technology mapping.
Definition
Phase 2 is a robust, enterprise-class deployment that addresses the following goals:
• Covers the functionality in your envisioned solution.
• Helps you to see all of the capabilities for your envisioned solution.
The conceptual architecture diagram in Figure 9 represents the collective set of business capabilities that Phase 2 includes.
Figure 9 Conceptual architecture diagram for Phase 2
This section describes the integrated capabilities of the Phase 2 solution. Organizations can use this section to better understand which integrated capabilities they need to customize for the solution to meet specific business needs. Organizations that require a Phase 2 solution for Windows Azure need to support business growth and improve economic feasibility by reducing their operational and maintenance costs. They need to enable their IT resources to concentrate on innovation and bring their ideas to market faster. Organizations can provide on-demand computing and storage to host, scale, and manage web applications on the Internet and in service hosting and service management environments. Organizations can better bridge the gap between on-premises and off-premises applications and reduce costs to purchase and manage additional servers and storage on-site by creating new applications in the cloud that support bidirectional data synchronization between cloud applications and on-premises data storage. Organizations can consume disparate data sets, imagery, and content in real time under a unified provisioning and billing framework. Organizations can provide more secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries. They can better protect their applications from intrusions by flexibly configuring users on different identity-management infrastructures.
Optimization Mapping
Figure 10 shows the Optimization mapping for Phase 2.
Figure 10 Optimization mapping for Phase 2
Technology Mapping
Phase 2 requires the following Microsoft technologies:
Client Technologies
Office 2007 / 2010
Office Outlook 2007 / Outlook 2010, Office Word 2007 / Word 2010, Office Excel 2007 / Excel 2010, Office PowerPoint 2007 / PowerPoint 2010
Office Visio 2007 / Visio 2010
Microsoft Office Project 2007 / Project 2010
Forefront Endpoint Protection 2010 / System Center 2012 Endpoint Protection
Windows 7 / 8
Server Technologies
Microsoft Office SharePoint Server 2007 / Microsoft SharePoint Server 2010
SQL Server 2008 R2 / 2012
Microsoft Server Security
Microsoft Forefront Security for SharePoint / Microsoft Forefront Protection 2010 for SharePoint
Internet Security and Acceleration Server 2006 / Forefront Threat Management Gateway 2010
Intelligent Application Gateway 2007 / Forefront Unified Access Gateway 2010
Forefront Identity Manager 2010 / 2010 R2
Windows Server 2008 R2 / 2012
Microsoft System Center
System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager
System Center Data Protection Manager 2010 / System Center 2012 Data Protection Manager
System Center Configuration Manager 2007 R3 / System Center 2012 Configuration Manager
System Center Virtual Machine Manager 2008 R2 / System Center 2012 Virtual Machine Manager
Microsoft System Center Virtual Machine Manager Self Service Portal 2.0
Microsoft System Center Service Manager 2010 / Microsoft System Center 2012 Service Manager
Opalis / Microsoft System Center 2012 Orchestrator
Microsoft System Center 2012 App Controller
Windows Storage Server 2008 / 2008 R2
Windows Server AppFabric
Hyper-V Server 2008 / 2008 R2
BizTalk Server 2009 / 2010
Cloud Technologies
Business Productivity Online Services / Office 365
SharePoint Online
Windows Azure platform
Windows Azure
Windows Azure AppFabric
Microsoft SQL Azure
Online Backup Service
Development Tools
.NET Framework
Visual Studio 2010 Team Foundation Server / Visual Studio 11 Team Foundation Server
Visual Studio Team System 2008 / 2010 / 11
Windows Communications Foundation (WCF) Services
Tools
Assessment and Planning Toolkit 6.0 / 6.5
Security Assessment Tool
Software Inventory Analyzer 5.0 / 5.1
Deployment Toolkit 2010 / 2012
Windows Automated Installation Kit
Security Compliance Management Toolkit
Compliance Management Libraries 2.0
Windows SDK
Data Classification Toolkit
IT Governance, Risk and Compliance Process Management Pack 2.0
BizTalk ESB Toolkit
Architect the Solution
This section provides the logical architecture, illustrative physical architecture, and list of required system components for Phase 2, which is a useful starting point to help you design your solution.
Logical Architecture
Figure 11 is the logical architecture diagram that shows the infrastructure for Phase 2 and its functionalities. This diagram provides a high-level overview of the requirements to implement Phase 2. This diagram is a starting point; you should customize it to meet the specific needs of your organization.
Figure 11 Logical architecture diagram of Phase 2
Illustrative Physical Architecture
Figure 12 is an illustrative physical architecture diagram for Phase 2. A physical architecture diagram shifts from describing technologies as capabilities and roles to describing physical systems. As with all sample diagrams, you should customize this diagram to meet the specific needs of your organization. For more information about customizing this diagram (including the required software product editions), see Plan Development and Deployment of the Solution in Phase 2.
Figure 12 Physical architecture for Phase 2
System Components
This section lists the system components that Phase 2 requires. The system components consist of product components that are grouped by product families. Table 2 lists the product components that each solution capability in Phase 2 needs. You can use this table to better understand which product components you need to meet the specific solution capability requirements for your customized solution. The legend for the table is as follows:
X = Product must be included to enable the solution capability.
* = Product is recommended to better enable the solution capability.
Bidirectional data synchronization between on-premises and cloud storage
Interoperable bidirectional communication through composite applications, custom web applications, and packaged LOB applications
*
*
X
*
*
*
*
*
*
*
*
Windows 7
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
*
*
*
*
*
Creation, prototyping, and deployment of applications that integrate data across the organization
*
Product component
Ability to publish and subscribe for multicasting
Forefront Endpoint Protection 2010 / System Center 2012 Endpoint Protection
Product family
Unified provisioning and billing framework
Enabling services to navigate firewalls or network boundaries
Cloud-based development, service hosting, and service management environment
*
Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries
On-demand compute and storage on the Internet
Table 2 System components for Phase 2
CLIENT TECHNOLOGIES Office 2007 / 2010 Office Outlook 2007 / Outlook 2010, Office Word 2007 / Word 2010, Office Excel 2007 / Excel 2010, Office PowerPoint 2007 / PowerPoint 2010
*
Office Visio 2007 / Visio 2010
*
Office Project 2007 / Project 2010
*
Windows 8 Offline Files DirectAccess SERVER TECHNOLOGIES Office SharePoint Server 2007 / SharePoint Server 2010* Sites and Portals Single Sign-On Service / Secure Store Service* SQL Server 2008 R2 / 2012 Database Engine
X
X
*
Server Security Forefront Security for SharePoint / Forefront Protection 2010 for SharePoint Internet Security and Acceleration Server 2006 / Forefront Threat Management Gateway 2010
On-demand compute and storage on the Internet
Cloud-based development, service hosting, and service management environment
Bidirectional data synchronization between on-premises and cloud storage
Interoperable bidirectional communication through composite applications, custom web applications, and packaged LOB applications
Unified provisioning and billing framework
Ability to publish and subscribe for multicasting
Creation, prototyping, and deployment of applications that integrate data across the organization
Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries
Enabling services to navigate firewalls or network boundaries
Firewall
X
X
X
X
X
X
X
X
X
Intelligent Application Gateway 2007 / Forefront Unified Access Gateway 2010
*
*
*
*
*
*
*
*
*
*
*
*
X
X
X
X
X
X
*
*
*
*
* X
X
Product family Product component
Forefront Identity Manager 2010 / 2010 R2
*
Windows Server 2008 R2 / 2012* Active Directory® Domain Services
X
Active Directory Federation Services Active Directory Certificate Services Active Directory Lightweight Directory Services
*
X *
*
*
Internet Information Services (IIS) 7/8 Hyper-V
*
X *
*
Network Policy and Access Services Group Policy
X
* X
X
X
X
*
*
*
*
X
*
Windows Deployment Services Windows Firewall with Advanced Security
*
X *
*
*
*
*
*
* *
*
*
*
*
*
*
*
*
*
*
*
*
*
DirectAccess Storage Spaces*
*
System Center System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager
*
*
*
*
System Center Data Protection Manager 2010 / System Center 2012 Data Protection Manager
*
*
*
*
*
Unified provisioning and billing framework
*
*
System Center Virtual Machine Manager 2008 R2 / System Center 2012 Virtual Machine Manager
*
*
Enabling services to navigate firewalls or network boundaries
Interoperable bidirectional communication through composite applications, custom web applications, and packaged LOB applications
*
Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries
Bidirectional data synchronization between on-premises and cloud storage
*
Creation, prototyping, and deployment of applications that integrate data across the organization
Cloud-based development, service hosting, and service management environment
*
Product component
Ability to publish and subscribe for multicasting
On-demand compute and storage on the Internet
System Center Configuration Manager 2007 R3 / System Center 2012 Configuration Manager
Product family
*
*
*
*
*
*
*
System Center Virtual Machine Manager Self Service Portal 2.0
*
*
System Center Service Manager 2010 / System Center 2012 Service Manager
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
X
X
Opalis / System Center 2012 Orchestrator
*
System Center 2012 App Controller Windows Storage Server 2008 / 2008 R2
*
Windows Server AppFabric
*
*
Hyper-V Server 2008 / 2008 R2
*
*
BizTalk Server 2009 / 2010
X
*
*
*
* *
* *
* X
*
*
*
*
X
X
X
CLOUD TECHNOLOGIES BPOS / Office 365*
*
SharePoint Online
*
*
*
*
X
X
X
X
X
X
X
X
X
X
X
X
X
Windows Azure platform Windows Azure
X
Windows Azure AppFabric Active Directory Access Control SQL Azure
X
Online Backup Service
X
X
X
X
X
X
X
X
* X
X
X
X
*
Visual Studio 2010 Team Foundation Server / Visual Studio 11 Team Foundation Server
X
X
*
X
Visual Studio Team System 2008 / 2010 / 11
X
X
*
X
Enabling services to navigate firewalls or network boundaries
X
Secure connectivity between loosely coupled services and applications over the Internet across firewall, domain, and network boundaries
Interoperable bidirectional communication through composite applications, custom web applications, and packaged LOB applications
*
Creation, prototyping, and deployment of applications that integrate data across the organization
Bidirectional data synchronization between on-premises and cloud storage
X
Ability to publish and subscribe for multicasting
Cloud-based development, service hosting, and service management environment
X
Product component
Unified provisioning and billing framework
On-demand compute and storage on the Internet
.NET Framework
Product family
*
*
X
X
X
*
X
X
X
*
X
X
X
*
*
*
*
X
X
*
*
*
*
*
*
*
*
X
X
DEVELOPMENT TOOLS
Windows Communications Foundation (WCF) Services
*
*
TOOLS, ADD-INS, LIBRARIES, AND FRAMEWORKS Assessment and Planning Toolkit 6.0 / 6.5
*
Security Assessment Tool
*
Software Inventory Analyzer 5.0 / 5.1
*
*
*
Deployment Toolkit 2010 / 2012
X
Windows Automated Installation Kit
*
Security Compliance Management Toolkit Security Compliance Manager 2.x Compliance Management Libraries 2.0 Windows SDK
*
Data Classification Toolkit
*
*
IT Governance, Risk and Compliance Process Management Pack 2.0
*
BizTalk ESB Toolkit
*
*
X
*
Plan Development and Deployment of the Solution
This section provides references to help you plan to develop and deploy the server product components that are relevant to Phase 2.
SERVER TECHNOLOGIES
This section contains links to the server technologies that Table 2 references.
Microsoft Office SharePoint Server 2007
Microsoft Office SharePoint Server 2007 is an integrated suite of server capabilities that can help improve organizational effectiveness by providing comprehensive content management and enterprise search, accelerating shared business processes, and facilitating information sharing across boundaries for better business insight. Office SharePoint Server 2007 supports all intranet, extranet, and web applications across an organization within one integrated platform, instead of relying on separate fragmented systems. Additionally, this collaboration and content management server provides IT professionals and developers with the platform and tools they need for server administration, application extensibility, and interoperability.
General
Overview
http://sharepoint.microsoft.com/en-us/product/2007/Pages/default.aspx
Planning and Architecture for Office SharePoint Server 2007
http://technet.microsoft.com/en-us/library/cc261834(office.12).aspx
Deployment for Office SharePoint Server 2007
http://technet.microsoft.com/en-us/library/cc262957(office.12).aspx
Plan Overall Design
http://technet.microsoft.com/en-us/library/cc262612%28v=office.12%29.aspx
Support
http://office.microsoft.com/en-us/sharepoint-server-help/
Portals
The versatile technology in Office SharePoint Server 2007 Portal Services provides the infrastructure for collaborating and the foundation for building portal sites.
General
Create a Portal Site in Office SharePoint Server 2007
http://office.microsoft.com/en-us/sharepoint-portal-serverit/creating-a-portal-site-HA001160366.aspx?CTT=1
Plan Site Creation and Maintenance (Office SharePoint Server 2007)
http://technet.microsoft.com/en-us/library/cc263483(office.12).aspx
Design Server Farms and Topologies (Office SharePoint Server 2007)
http://technet.microsoft.com/en-us/library/cc263157(office.12).aspx
Plan and Design Security (Office SharePoint Server 2007)
http://technet.microsoft.com/en-us/library/cc262331%28v=office.12%29.aspx
Configure and Deploy Anonymous Publishing Sites for SharePoint Server 2007
http://msdn.microsoft.com/en-us/library/dd638968(office.12).aspx
System Components Integration
This section describes the integration points of Office SharePoint Server 2007 with other system components.
Associated System Components
This section describes the dependencies and recommendations for Office SharePoint Server 2007 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with SQL Server 2008 R2
SQL Server 2008 R2 is a relational database that stores all content, data, and configuration information used by Office SharePoint Server 2007.
Interoperability with Forefront Security for SharePoint
Forefront Security for SharePoint can help protect Office SharePoint Server 2007 from malicious software and inappropriate content.
Interoperability with Visual Studio Team System 2008
Developers can use Visual Studio Team System 2008 to create document-handling processes, help users collaborate through portals and workspaces, and connect users to information in enterprise business systems.
Interoperability with BizTalk Server 2009
BizTalk Server 2009 enables Business Activity Monitoring (BAM). The BAM Portal is a web application that enables transactional data from within the business processes to be fully exposed with the SharePoint Portal Server. BAM provides a web service interface to expose the query of aggregate and instance data, creation of alerts, and retrieval of BAM configurations.
Interoperability with Core and Management Services
Office SharePoint Server 2007 uses the following technologies and services:
• Windows Server 2008 R2
  ◦ Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
  ◦ Active Directory Domain Services can help administrators manage user identities and relationships.
  ◦ Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries.
  ◦ Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
  ◦ The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
  ◦ Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
  ◦ Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
  ◦ Internet Information Services (IIS) 7.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
  ◦ The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
  ◦ Windows Deployment Services can help administrators remotely deploy Windows operating systems.
  ◦ Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
• Internet Security and Acceleration Server 2006 protects the IT environment from Internet-based threats and provides users with faster and more secure remote access to applications and data.
• Intelligent Application Gateway 2007 provides a secure-socket-layer virtual private network, a web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of applications.
• Windows Storage Server 2008 enables high-availability scenarios by providing backup and replication of stored data.
• Microsoft Hyper-V Server 2008 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
• The System Center family helps organizations by providing IT with the ability to self-manage and monitor dynamic systems. The System Center family provides:
  ◦ A comprehensive view of the health of the IT environment.
  ◦ Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies.
  ◦ A secure and scalable operating system, application deployment, and configuration management.
  ◦ Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines.
  ◦ The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines.
  ◦ A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements.
  ◦ Automated incident response, change and compliance, and service life-cycle management processes.
  ◦ Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
Microsoft SharePoint 2010
Microsoft SharePoint 2010 is the business collaboration platform that helps organizations connect and empower people through formal and informal business communities, and manage content throughout the information life cycle. Whether SharePoint 2010 is deployed on the premises or as a hosted service, the integrated capabilities are enhanced by search technologies and can help organizations make data-driven decisions and deploy customized solutions to quickly respond to changing business needs. The consolidation of collaboration solutions onto SharePoint 2010 can help organizations reduce costs by lowering training and maintenance expenses and increasing IT productivity, all within a governable and compliant platform.
General
Home Page
http://sharepoint.microsoft.com/Pages/Default.aspx
Get Started
http://technet.microsoft.com/hi-in/library/cc262868(en-us,office.14).aspx
Planning and Architecture
http://technet.microsoft.com/hi-in/library/cc261834(en-us,office.14).aspx
Deployment
http://technet.microsoft.com/hi-in/library/cc262957(en-us,office.14).aspx
Hardware and Software Requirements
http://technet.microsoft.com/hi-in/library/cc262485(en-us,office.14).aspx
Development
http://technet.microsoft.com/hi-in/library/cc262356(en-us,office.14).aspx
Operations
http://technet.microsoft.com/hi-in/library/cc262289(en-us,office.14).aspx
SharePoint Sites
SharePoint Sites provides portal and collaboration capabilities across intranet, extranet, and Internet sites. SharePoint 2010 brings users together to share information, data, and expertise across organizations. It offers great usability, personalized experiences, and a single infrastructure that enables organizations to save time and money.
General
Overview
http://sharepoint.microsoft.com/en-us/product/capabilities/sites/Pages/default.aspx
Sites and Site Collections Overview
http://technet.microsoft.com/en-us/library/cc262410(office.14).aspx
Plan Sites and Site Collections
http://technet.microsoft.com/en-us/library/cc263267(office.14).aspx
System Components Integration
This section describes the integration points of SharePoint 2010 with other system components.
Associated System Components
This section describes the dependencies and recommendations for SharePoint 2010 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with SQL Server 2012
SQL Server 2012 is the relational database used to store all content, data, and configuration information used by SharePoint 2010.
Interoperability with Forefront Protection 2010 for SharePoint
Forefront Protection 2010 for SharePoint is recommended to help protect SharePoint 2010 from malware and inappropriate content.
Interoperability with Visual Studio Team System 2010/Visual Studio 11
Developers can use Visual Studio Team System 2010/Visual Studio 11 to create document-handling processes, help users collaborate through portals and workspaces, and connect users to information in enterprise business systems.
Interoperability with BizTalk Server 2010
BizTalk Server 2010 enables Business Activity Monitoring (BAM). The BAM Portal is a web application that enables transactional data from within the business processes to be fully exposed with the SharePoint Portal Server. BAM provides a web service interface to expose the query of aggregate and instance data, creation of alerts, and retrieval of BAM configurations.
Interoperability with Core and Management Services
SharePoint 2010 uses the technologies and services provided by:
• Windows Server 2012
  ◦ Windows Server provides an installation and deployment platform, granular services, and other essential components and technologies.
  ◦ Active Directory Domain Services can help administrators manage user identities and relationships.
  ◦ Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries.
  ◦ Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
  ◦ The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol (LDAP) directory service that provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.
  ◦ Network Policy and Access Services (NPAS) provides technologies that allow deployment of virtual private networking (VPN), dial-up networking, and 802.11-protected wireless access. With NPAS, organizations can define and enforce policies for network access authentication, authorization, and client health.
  ◦ Group Policy provides an infrastructure for centralized configuration management of the operating system and applications that run on the operating system.
  ◦ Internet Information Services (IIS) 8.0 is a powerful web server that provides a highly reliable, manageable, and scalable web application infrastructure.
  ◦ The Hyper-V virtualization platform can be used to create and manage a virtualized server computing environment.
  ◦ Windows Deployment Services can help administrators remotely deploy Windows operating systems.
  ◦ Windows Firewall with Advanced Security helps protect computers on a network through a stateful firewall that enables administrators to determine what network traffic to permit to pass between a computer and the network. It also includes connection security rules that use Internet Protocol security (IPsec) to help protect traffic as it travels across the network.
  ◦ Storage Spaces enables virtualized storage capabilities by grouping industry-standard disks into storage pools, and then creating virtual disks called storage spaces from the available capacity in the storage pools.
• Forefront Threat Management Gateway 2010 protects the IT environment from Internet-based threats and provides users with faster and more secure remote access to applications and data.
•
Forefront Unified Access Gateway 2010 provides a secure-socket-layer virtual private network, a web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of applications.
•
Windows Storage Server 2008 R2 enables high-availability scenarios by providing backup and replication of stored data.
•
Microsoft Hyper-V Server 2008 R2 provides a reliable and optimized virtualization solution that helps organizations improve server use and reduce costs through a small footprint and minimal overhead.
•
The System Center family helps organizations by providing IT with the ability to self-manage and monitor dynamic systems. The System Center family provides: A comprehensive view of the health of the IT environment. Optimized disk-based backup and recovery, more consistent data protection, and features to increase the IT organization’s operational efficiencies. A secure and scalable operating system, application deployment, and configuration management. Unified management of physical and virtual machines, consolidation of underutilized physical servers, and rapid provisioning of new virtual machines. The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines.
A flexible platform for automating and adapting IT Service Management best practices to the organization’s requirements. Automated incident response, change and compliance, and service life-cycle management processes. Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
Microsoft SQL Server 2008 R2 For more information about general use, and Database Engine, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of SQL Server 2008 R2 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by SQL Server 2008 R2 in integration with other system components. Bidirectional data synchronization between on-premises and cloud storage
Interoperability with SQL Azure Microsoft SQL Azure Data Sync provides symmetry between SQL Azure and SQL Server through bidirectional data synchronization. This combination provides a bridge, allowing on-premises and off-premises applications to work together.
Associated System Components This section describes the additional dependencies and recommendations for SQL Server 2008 R2 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 1.
Interoperability with Office SharePoint Server 2007 SQL Server 2008 R2 is a relational database that stores all content, data, and configuration information used by Office SharePoint Server 2007.
Interoperability with Core and Management Services For more information about how SQL Server 2008 R2 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 1. In Phase 2, SQL Server 2008 R2 uses the following technologies and services:
• Windows Server 2008 R2: Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries.
Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
• System Center family: The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines. Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
Microsoft SQL Server 2012 For more information about general use, and Database Engine, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of SQL Server 2012 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by SQL Server 2012 in integration with other system components. Bidirectional data synchronization between on-premises and cloud storage
Interoperability with SQL Azure Microsoft SQL Azure Data Sync provides symmetry between SQL Azure and SQL Server through bidirectional data synchronization. Using SQL Azure Data Sync, organizations can use the power of SQL Azure to build business data hubs in the cloud, allowing information to be easily shared with business partners, remote offices, and enterprise data sources, while taking advantage of new services in the cloud. This combination provides a bridge, enabling on-premises and off-premises applications to work together.
Associated System Components This section describes the additional dependencies and recommendations for SQL Server 2012 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 1.
Interoperability with SharePoint Server 2010 SQL Server 2012 is the relational database used to store all content, data, and configuration information used by SharePoint 2010.
Interoperability with Core and Management Services For more information about how SQL Server 2012 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 1. In Phase 2, SQL Server 2012 uses the following technologies and services:
• Windows Server 2012: Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries. Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
• System Center family: The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines. Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
Microsoft Server Security For more information about general use, Internet Security and Acceleration Server 2006 (Firewall Service), Forefront Threat Management Gateway 2010 (Firewall Protection), Microsoft Intelligent Application Gateway 2007, and Microsoft Forefront Unified Access Gateway 2010, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Forefront Security for SharePoint Forefront Security for SharePoint helps organizations to protect Microsoft SharePoint collaboration environments by eliminating documents that contain malicious code, confidential information, and inappropriate content. General Forefront Security for SharePoint TechCenter
http://technet.microsoft.com/hi-in/forefront/serversecurity/bb734828(en-us).aspx
System Components Integration This section describes the integration points of Microsoft Forefront Security for SharePoint with other system components.
Associated System Components This section describes the dependencies and recommendations for Microsoft Forefront Security for SharePoint and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with Office SharePoint Server 2007 Forefront Security for SharePoint can help protect Office SharePoint Server 2007 from malicious software and inappropriate content.
Forefront Protection 2010 for SharePoint Microsoft Forefront Protection 2010 for SharePoint helps prevent users from uploading or downloading documents that contain malicious software, out-of-policy content, or sensitive information to SharePoint libraries. By using multiple scanning engines from industry-leading security partners, combined with file and keyword filtering, Forefront Protection 2010 for SharePoint provides comprehensive protection against the latest threats. It integrates with SharePoint technologies to provide high performance and easily customized protection that is optimized for SharePoint collaboration environments. General Overview
http://technet.microsoft.com/hi-in/library/cc482990(en-us).aspx
Deployment
http://technet.microsoft.com/hi-in/library/cc482993(en-us).aspx
Operations
http://technet.microsoft.com/hi-in/library/cc483031(en-us).aspx
Technical Reference
http://technet.microsoft.com/hi-in/library/dd639432(en-us).aspx
System Components Integration This section describes the integration points of Forefront Protection 2010 for SharePoint with other system components.
Associated System Components This section describes the dependencies and recommendations for Forefront Protection 2010 for SharePoint and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with SharePoint Server 2010 Forefront Protection 2010 for SharePoint is recommended to help protect SharePoint 2010 from malware and inappropriate content.
Microsoft Forefront Identity Manager 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Forefront Identity Manager 2010 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Server 2008 R2 For more information about general use, Active Directory Domain Services, Active Directory Lightweight Directory Services, Network Policy and Access Services, Group Policy, Internet Information Services 7.0, Hyper-V, Windows Deployment Services, and Windows Firewall with Advanced Security, see the Plan Development and Deployment of the Solution section in Phase 1.
Active Directory Federation Services Active Directory Federation Services enables two or more organizations to share in the management of digital identities based on trusted business relationships. This is important for facilitating collaboration, reducing cost, and improving security. With Active Directory Federation Services 2.0, IT can enable users to collaborate across organizational boundaries and more easily access on-premises and hosted applications while maintaining application security. General Home Page
http://technet.microsoft.com/library/cc772128(WS.10).aspx
Active Directory Federation Services in Windows Server 2008 R2 Step-By-Step Guide
http://technet.microsoft.com/en-us/library/dd378921(WS.10).aspx
Active Directory Federation Services 2.0 Design Guide
http://technet.microsoft.com/en-us/library/dd807036(WS.10).aspx
Active Directory Certificate Services Active Directory Certificate Services provides customizable services for issuing and managing certificates used in software security systems that employ public key technologies. Active Directory Certificate Services enables organizations to deploy a digital certificate infrastructure to create a web of authentication among devices, users, and applications. General Home Page
http://technet.microsoft.com/library/cc770357(WS.10).aspx
Migration Guide
http://technet.microsoft.com/en-us/library/ee126170(WS.10).aspx
Windows Server 2012 For more information about general use, Active Directory Domain Services, Active Directory Lightweight Directory Services, Network Policy and Access Services, Group Policy, Internet Information Services 8, Hyper-V, Windows Deployment Services, Windows Firewall with Advanced Security, and Storage Spaces, see the Plan Development and Deployment of the Solution section in Phase 1.
Active Directory Federation Services Organizations can use Active Directory Federation Services with the Windows Server 2012 operating system to build a federated identity management solution that extends distributed identification, authentication, and authorization services to web-based applications across organizational and platform boundaries. By deploying Active Directory Federation Services, organizations can extend their existing identity management capabilities to the Internet. With Active Directory Federation Services, single sign-on (SSO) can be used to authenticate users to multiple, related web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement rights across security and enterprise boundaries. General Active Directory Federation Services
http://msdn.microsoft.com/en-us/library/bb897402.aspx
Active Directory Federation Services overview
http://technet.microsoft.com/en-us/library/hh831502.aspx
Active Directory Federation Services deployment guide
http://technet.microsoft.com/en-us/library/dd807092.aspx
Active Directory Federation Services Design Guide
http://technet.microsoft.com/en-us/library/dd807036.aspx
Active Directory Certificate Services Active Directory Certificate Services provides customizable services for issuing and managing public key infrastructure (PKI) certificates used in software security systems that employ public key technologies. The digital certificates that Active Directory Certificate Services provides can be used to encrypt and digitally sign electronic documents and messages. Further, these digital certificates can be used for authentication of computer, user, or device accounts on a network. General Active Directory Certificate Services
http://technet.microsoft.com/en-us/windowsserver/dd448615.aspx
Active Directory Certificate Services overview
http://technet.microsoft.com/en-us/library/cc731564.aspx
Active Directory Certificate Services Step-By-Step Guide
http://technet.microsoft.com/en-us/library/cc772393%28v=ws.10%29.aspx
Active Directory Certificate Services Migration Guide
http://technet.microsoft.com/en-us/library/ee126170%28v=ws.10%29.aspx
Microsoft System Center For more information about general use, System Center Operations Manager 2007 R2/ System Center 2012 Operations Manager, System Center Data Protection Manager 2010/ System Center 2012 Data Protection Manager, System Center Configuration Manager 2007 R3/ System Center 2012 Configuration Manager, System Center Virtual Machine Manager 2008 R2/ System Center 2012 Virtual Machine Manager, System Center Service Manager 2010/ System Center 2012 Service Manager, and Opalis/ System Center 2012 Orchestrator, see the Plan Development and Deployment of the Solution section in Phase 1.
System Center Virtual Machine Manager Self-service Portal 2.0 Microsoft Virtual Machine Manager Self-service Portal 2.0 is a fully supported solution that is extensible to partners. Organizations can use it to pool, allocate, and manage computing, network, and storage resources to deliver the foundation for a private cloud platform in the data center. General Overview
http://technet.microsoft.com/en-us/library/gg588340.aspx
Supported Configurations
http://technet.microsoft.com/en-us/library/gg588343.aspx
What’s New
http://technet.microsoft.com/en-us/library/gg588341.aspx
System Center 2012 App Controller Microsoft System Center 2012 App Controller provides a single, unified console that helps an organization to easily configure, deploy, and manage virtual machines and services across public and private clouds. People can manage application components in the context of the service that they represent to the business, so that IT is managing services rather than servers. General Overview
http://technet.microsoft.com/library/hh546834.aspx
Getting Started
http://technet.microsoft.com/en-US/library/gg696035.aspx
Capability Walkthrough
http://technet.microsoft.com/en-us/video/system-center-appcontroller-2012-capability-walkthrough.aspx
Windows Storage Server 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Storage Server 2008 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Server AppFabric For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Hyper-V Server 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Hyper-V Server 2008 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft BizTalk Server 2009 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of BizTalk Server 2009 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for BizTalk Server 2009 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 1.
Interoperability with Office SharePoint Server 2007 BizTalk Server 2009 enables Business Activity Monitoring (BAM). The BAM Portal is a web application that enables transactional data from within the business processes to be fully exposed with the SharePoint Portal Server. BAM provides a web service interface to expose the query of aggregate and instance data, creation of alerts, and retrieval of BAM configurations.
Interoperability with Core and Management Services For more information about how BizTalk Server 2009 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 1.
In Phase 2, BizTalk Server 2009 uses the following technologies and services:
• Windows Server 2008 R2: Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries. Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
• System Center family: The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines. Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
Microsoft BizTalk Server 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of BizTalk Server 2010 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for BizTalk Server 2010 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 1.
Interoperability with SharePoint Server 2010 BizTalk Server 2010 enables Business Activity Monitoring (BAM). The BAM Portal is a web application that enables transactional data from within the business processes to be fully exposed with the SharePoint Portal Server. BAM provides a web service interface to expose the query of aggregate and instance data, creation of alerts, and retrieval of BAM configurations.
Interoperability with Core and Management Services For more information about how BizTalk Server 2010 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 1. In Phase 2, BizTalk Server 2009 uses the following technologies and services:
• Windows Server 2012: Active Directory Federation Services provides web single sign-on (SSO) technologies to authenticate a user to multiple web applications over the life of a single online session. Active Directory Federation Services accomplishes this by securely sharing digital identity and entitlement across security and enterprise boundaries. Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. AD CS can be used to enhance security by binding the identity of a person, device, or service to a corresponding private key. AD CS enables organizations to manage certificate enrollment and revocation in a variety of scalable environments.
• System Center family: The ability to dynamically pool, allocate, and manage data center resources and enable self-service provisioning of virtual machines. Simplified configuration, deployment, and management of virtual machines and services across private and public clouds.
CLIENT TECHNOLOGIES This section contains links to the client technologies that Table 2 references.
Microsoft Office 2007 For more information about general use, Microsoft Office Outlook 2007, Microsoft Office Word 2007, Microsoft Office Excel 2007, and Microsoft Office PowerPoint 2007, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office 2010 For more information about general use, Microsoft Outlook 2010, Microsoft Word 2010, Microsoft Excel 2010, and Microsoft PowerPoint 2010, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office Visio 2007 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Visio 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office Project 2007 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Project 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Forefront Endpoint Protection 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Center 2012 Endpoint Protection For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows 7 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows 8 For more information about general use, and offline files, see the Plan Development and Deployment of the Solution section in Phase 1.
CLOUD TECHNOLOGIES This section contains links to the cloud technologies that Table 2 references.
Business Productivity Online Standard (BPOS) Suite For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Office 365 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft SharePoint Online For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Azure Platform For more information about general use, and Active Directory Access Control, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft SQL Azure For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Microsoft SQL Azure with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by Microsoft SQL Azure in integration with other system components. Bidirectional data synchronization between on-premises and cloud storage
Interoperability with SQL Server 2008 R2 Microsoft SQL Azure Data Sync provides symmetry between SQL Azure and SQL Server through bidirectional data synchronization. This combination provides a bridge, allowing on-premises and off-premises applications to work together.
Interoperability with SQL Server 2012 Microsoft SQL Azure Data Sync provides symmetry between SQL Azure and SQL Server through bidirectional data synchronization. Using SQL Azure Data Sync, organizations can use the power of SQL Azure to build business data hubs in the cloud, allowing information to be easily shared with business partners, remote offices, and enterprise data sources, while taking advantage of new services in the cloud. This combination provides a bridge, allowing on-premises and off-premises applications to work together.
Windows Azure For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
On-demand compute and storage on the Internet
Windows Azure provides on-demand compute and storage capabilities to host, scale, and manage web applications and services on the Internet hosted in Microsoft data centers. Windows Azure provides features that consumers of cloud services require. For example, physical hardware resources are abstracted away and exposed as compute resources ready to be used by cloud applications. Physical storage is abstracted with storage resources and exposed through well-defined storage interfaces. A common Windows fabric abstracts the physical hardware and software platform and exposes virtualized compute and storage resources. In addition, each instance of the application is monitored for availability and scalability and automatically managed. For example, if an application in an instance goes down, the fabric controller will be notified and another instance in another virtual machine (VM) will be instantiated with limited impact to end users. Because of the amount of virtualization, when writing code, developers should avoid any assumptions about the state of the machines hosting their applications. In Windows Azure, services can easily be moved to a new virtual machine. Windows Azure follows a model-driven service management design in which Azure Fabric Controller is responsible for mapping declarative service specifications to available resources and managing the life cycle of the services.
Cloud-based development, service hosting, and service management environment
Windows Azure is the operating system that serves as the development, run-time, and control environment for the Windows Azure Platform. Windows Azure handles load balancing and resource management and automatically manages the life cycle of a service based on requirements established by the owner of the service.
Unified provisioning and billing framework Microsoft Codename "Dallas" is a new service that helps developers and information workers easily discover, purchase, and manage premium data subscriptions in the Windows Azure platform. Dallas is an information marketplace that brings data, imagery, and real-time web services from leading commercial data providers and authoritative public data sources together into a single location, under a unified provisioning and billing framework. Additionally, Dallas APIs allow developers and information workers to consume this premium content with virtually any platform, application, or business workflow.
AppFabric For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Bidirectional communication in an interoperable manner through composite applications, custom web applications, and packaged line-of-business
AppFabric Service Bus gives developers the flexibility to connect applications and to choose how they communicate. This helps to build distributed and composite applications while also helping address the challenges presented by firewalls, NATs, dynamic IP, and disparate domains and identity systems. AppFabric Service Bus supports bidirectional communication via full-duplex, connection-oriented sessions between sender and listener. It also supports unicast and multicast datagram distribution via one-way messaging.
Ability to publish and subscribe for multicasting
AppFabric Service Bus helps users expose application or service functionality across a variety of network-related constraints and establishes connectivity and flexible communication among applications. After AppFabric Service Bus has established connectivity among applications, it provides flexibility for how applications can communicate with each other. It helps developers build solutions with different communication patterns, including relayed, buffered, bidirectional, publish-subscribe, multicast, streaming, and direct-connect. AppFabric Service Bus provides each service a stable Internet-accessible Uniform Resource Identifier (URI) that any authorized client application can access.
Microsoft Online Backup Service For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the integration points of Microsoft Online Backup Service with other system components.
Usage Scenarios This section describes the usage scenarios supported by Microsoft Online Backup Service. On-demand compute and storage on the Internet For more information about how the Microsoft Online Backup Service supports this scenario, see the Plan Development and Deployment of the Solution section in Phase 1.
DEVELOPMENT TOOLS This section contains links to the development tools that Table 2 references.
Microsoft .NET Framework 4.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Visual Studio Team Foundation Server 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the integration points of Visual Studio Team Foundation Server 2010 with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Visual Studio Team Foundation Server 2010 in integration with other system components. Creation, prototyping, and deployment of applications that integrate data across the organization For more information about how the Visual Studio Team Foundation Server 2010 supports this scenario, see the Plan Development and Deployment of the Solution section in Phase 1.
Visual Studio 11 Team Foundation Server For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the integration points of Visual Studio 11 Team Foundation Server with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Visual Studio 11 Team Foundation Server in integration with other system components. Creation, prototyping, and deployment of applications that integrate data across the organization Team Foundation Server (TFS) is intended for collaborative software development projects. Users can run, monitor, and manage builds using Team Foundation Build to compile code and run tests. Users can also quickly prototype a new or modified interface.
Microsoft Visual Studio Team System 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Visual Studio Team System 2008 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for Visual Studio Team System 2008 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with Office SharePoint Server 2007 Developers can use Visual Studio Team System 2008 to create document-handling processes, help users collaborate through portals and workspaces, and connect users to information in enterprise business systems.
Microsoft Visual Studio Team System 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Visual Studio Team System 2010 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for Visual Studio Team System 2010 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with SharePoint 2010 Developers can use Visual Studio Team System 2010 to create document-handling processes, help users collaborate through portals and workspaces, and connect users to information in enterprise business systems.
Visual Studio 11 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Visual Studio 11 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for Visual Studio 11 and highlights capabilities as enabled directly or when integrated with another system component.
Interoperability with SharePoint 2010 Developers can use Visual Studio 11 to create document-handling processes, help users collaborate through portals and workspaces, and connect users to information in enterprise business systems.
Windows Communications Foundation (WCF) Services For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
TOOLS This section contains links to the tools that Table 2 references.
Microsoft Assessment and Planning Toolkit 6.0/6.5 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Security Assessment Tool For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Software Inventory Analyzer 5.0/5.1 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Deployment Toolkit 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Deployment Toolkit 2012 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Automated Installation Kit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Security Compliance Management Toolkit For more information about general use, and Microsoft Security Compliance Manager, see the Plan Development and Deployment of the Solution section in Phase 1.
Compliance Management Libraries/2.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows SDK Windows Software Development Kit contains tools and APIs that can be used to create applications for the Windows operating system. Developers can use the Windows SDK, along with their chosen development environment, to write native or managed Windows Store apps, desktop applications that use the native (Win32/COM) programming model, or desktop applications that use the managed (.NET Framework) programming model. Windows SDK supports Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 operating systems.
General Overview: http://msdn.microsoft.com/en-us/library/ms717422.aspx
Development Resources in the Windows SDK: http://msdn.microsoft.com/en-us/library/ff660763.aspx
What's New in the Windows SDK: http://msdn.microsoft.com/en-us/library/ms717428.aspx
Data Classification Toolkit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
IT Governance, Risk, and Compliance Process Management pack/2.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
BizTalk ESB Toolkit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Phase 3 This section provides the definition; Optimization mapping; technology mapping; logical architecture; illustrative physical architecture; system components; and references to plan, develop, and deploy Phase 3.
Envision the Solution This section provides the definition of Phase 3 and other useful information, such as starting points, to help you envision your solution’s definition, Optimization mapping, and technology mapping.
Definition Phase 3 is a robust, enterprise-class deployment that addresses the following goals:
• Refines, integrates, and streamlines to maximize value contribution.
• Helps your customers realize the fully-achieved solution vision.
The conceptual architecture diagram in Figure 13 represents the collective set of business capabilities that Phase 3 includes.
Figure 13 Conceptual architecture diagram for Phase 3
This section describes the integrated capabilities of the Phase 3 solution. Organizations can use this section to better understand which integrated capabilities they need to customize for the solution to meet specific business needs. Organizations that require a Phase 3 solution for Azure need to provide a simple, reliable, flexible, and secure solution that is deployed from the cloud and integrates with on-premises assets. They need a solution that gives supervision and control of distributed data assets along with a consistent development and management experience across the on-premises environment and the cloud. Organizations need to extend the availability of on-premises data to allow information to be easily shared with remote offices, mobile workers, and business partners through the cloud from multiple locations. They need to provide business data hubs in the cloud. They also need to provide a reliable and secure platform to scale services and accommodate customer demands and business needs via rules-based authorization and a flexible, standards-based service that supports multiple credentials and parties.
Optimization Mapping Figure 14 shows the Optimization mapping for Phase 3.
Figure 14 Optimization mapping for Phase 3
Technology Mapping Phase 3 requires the following Microsoft technologies:
Client Technologies
Office 2007 / 2010
Office Outlook 2007 / Outlook 2010, Office Word 2007 / Word 2010, Office Excel 2007 / Excel 2010, Office PowerPoint 2007 / PowerPoint 2010
Office Visio 2007 / Visio 2010
Office Project 2007 / Project 2010
Forefront Endpoint Protection 2010 / System Center 2012 Endpoint Protection
Windows 7 / 8
Server Technologies
Office SharePoint Server 2007 / SharePoint Server 2010
SQL Server 2008 R2 / 2012
Microsoft Server Security
Forefront Security for SharePoint / Forefront Protection 2010 for SharePoint
Internet Security and Acceleration Server 2006 / Forefront Threat Management Gateway 2010
Intelligent Application Gateway 2007 / Forefront Unified Access Gateway 2010
Forefront Identity Manager 2010 / 2010 R2
Windows Server 2008 R2 / 2012
Microsoft System Center
System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager
System Center Data Protection Manager 2010 / System Center 2012 Data Protection Manager
System Center Configuration Manager 2007 R3 / System Center 2012 Configuration Manager
System Center Virtual Machine Manager 2008 R2 / System Center 2012 Virtual Machine Manager
System Center Virtual Machine Manager Self Service Portal 2.0
System Center Service Manager 2010 / System Center 2012 Service Manager
Opalis / System Center 2012 Orchestrator
System Center 2012 App Controller
Windows Storage Server 2008 / 2008 R2
Windows Server AppFabric
Hyper-V Server 2008 / 2008 R2
BizTalk Server 2009 / 2010
Cloud Technologies
Business Productivity Online Services / Office 365
SharePoint Online
Windows Azure platform
Windows Azure
Windows Azure AppFabric
SQL Azure
Online Backup Service
Development Tools
.NET Framework
Visual Studio 2010 Team Foundation Server / Visual Studio 11 Team Foundation Server
Visual Studio Team System 2008 / 2010 / 11
Windows Communications Foundation (WCF) Services
Tools
Assessment and Planning Toolkit 6.0 / 6.5
Security Assessment Tool
Software Inventory Analyzer 5.0 / 5.1
Deployment Toolkit 2010 / 2012
Windows Automated Installation Kit
Security Compliance Management Toolkit
Compliance Management Libraries 2.0
Windows SDK
Data Classification Toolkit
IT Governance, Risk and Compliance Process Management Pack 2.0
BizTalk ESB Toolkit
Architect the Solution This section provides the logical architecture, illustrative physical architecture, and list of required system components for Phase 3, which are useful starting points to help you design your solution.
Logical Architecture Figure 15 is the logical architecture diagram that shows the infrastructure of Phase 3 and its functionalities. This diagram provides a high-level overview of the requirements to implement Phase 3. This diagram is a starting point; you should customize it to meet the specific needs of your organization. Figure 15 Logical architecture diagram of Phase 3
Illustrative Physical Architecture Figure 16 is an illustrative physical architecture diagram for Phase 3. A physical architecture diagram shifts from describing technologies as capabilities and roles to describing physical systems. As with all sample diagrams, you should customize this diagram to meet the specific needs of your organization. For more information about customizing this diagram (including the required software product editions), see Plan Development and Deployment of the Solution in Phase 3.
Figure 16 Physical architecture for Phase 3
System Components This section lists the system components that Phase 3 requires. The system components consist of product components that are grouped by product families. Table 3 lists the product components that each solution capability in Phase 3 needs. You can use this table to better understand which product components you need to meet the specific solution capability requirements for your customized solution. The legend for the table is as follows:
X: Product must be included to enable the solution capability.
*: Product is recommended to better enable the solution capability.
Table 3 System components for Phase 3
[Table 3 body: the X and * marks for each product component against each solution capability are not recoverable from this extraction. The column and row headings follow.]
Columns (solution capabilities):
• Simple, reliable, flexible, and powerful cloud platform
• Web applications and services that support multiple languages and standards
• Business data hubs in the cloud
• Applications that integrate with existing on-premises environments
• Federated identity and access control to secure applications
• Rule-based authorization for services and applications
• Flexible, standards-based service to support multiple credentials and relying parties
• Cloud-based development, service hosting, and service management environment
• Interoperable bidirectional communication through composite applications, custom web applications, and packaged LOB applications
Rows (product family, product component):
CLIENT TECHNOLOGIES
Office 2007 / 2010
Office Outlook 2007 / Outlook 2010, Office Word 2007 / Word 2010, Office Excel 2007 / Excel 2010, Office PowerPoint 2007 / PowerPoint 2010
Office Visio 2007 / Visio 2010
Office Project 2007 / Project 2010
Forefront Endpoint Protection 2010 / System Center 2012 Endpoint Protection
Windows 7
Windows 8
Offline Files
DirectAccess
SERVER TECHNOLOGIES
Office SharePoint Server 2007 / SharePoint Server 2010*
Sites and Portals
Single Sign-On Service / Secure Store Service*
SQL Server 2008 R2 / 2012
Database Engine
Server Security
Forefront Security for SharePoint / Forefront Protection 2010 for SharePoint
Internet Security and Acceleration Server 2006 / Forefront Threat Management Gateway 2010
Firewall
Intelligent Application Gateway 2007 / Forefront Unified Access Gateway 2010
Forefront Identity Manager 2010 / 2010 R2
Windows Server 2008 R2 / 2012*
Active Directory® Domain Services
Active Directory Lightweight Directory Services
Active Directory Federation Services
Active Directory Certificate Services
Network Policy and Access Services
Group Policy
Internet Information Services (IIS) 7/8
Hyper-V
Windows Deployment Services
Windows Firewall with Advanced Security
DirectAccess
Storage Spaces*
System Center
System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager
System Center Data Protection Manager 2010 / System Center 2012 Data Protection Manager
System Center Configuration Manager 2007 R3 / System Center 2012 Configuration Manager
System Center Virtual Machine Manager 2008 R2 / System Center 2012 Virtual Machine Manager
System Center Virtual Machine Manager Self Service Portal 2.0
System Center Service Manager 2010 / System Center 2012 Service Manager
Opalis / System Center 2012 Orchestrator
System Center 2012 App Controller
Windows Storage Server 2008 / 2008 R2
Windows Server AppFabric
Hyper-V Server 2008 / 2008 R2
BizTalk Server 2009 / 2010
CLOUD TECHNOLOGIES
BPOS / Office 365*
SharePoint Online
Windows Azure platform
Windows Azure
Windows Azure AppFabric
Active Directory Access Control
SQL Azure
Online Backup Service
DEVELOPMENT TOOLS
.NET Framework
Visual Studio 2010 Team Foundation Server / Visual Studio 11 Team Foundation Server
Visual Studio Team System 2008 / 2010 / 11
Windows Communications Foundation (WCF) Services
TOOLS, ADD-INS, LIBRARIES, AND FRAMEWORKS
Assessment and Planning Toolkit 6.0 / 6.5
Security Assessment Tool
Software Inventory Analyzer 5.0 / 5.1
Deployment Toolkit 2010 / 2012
Windows Automated Installation Kit
Security Compliance Management Toolkit
Security Compliance Manager 2.x
Compliance Management Libraries 2.0
Windows SDK
Data Classification Toolkit
IT Governance, Risk and Compliance Process Management Pack 2.0
BizTalk ESB Toolkit
Plan Development and Deployment of the Solution This section provides references to help you plan to develop and deploy the server product components that are relevant to Phase 3.
SERVER TECHNOLOGIES This section contains links to the server technologies that Table 3 references.
Microsoft Office SharePoint Server 2007 For more information about general use, and Portals, see the Plan Development and Deployment of the Solution section in Phase 2.
Single Sign-on Services Microsoft Office SharePoint Server 2007 features Single Sign-on (SSO) Services, which provides storage and mapping of credentials such as account names and passwords. Using SSO, portal site-based applications can retrieve information from third-party applications and back-end systems such as Enterprise Resource Planning (ERP) and Customer Relations Management (CRM) systems. With single sign-on functionality, people need to authenticate only once when accessing portal site-based applications that need to obtain information from other business applications and systems.
General Overview: http://msdn.microsoft.com/en-us/library/ms580316.aspx
Configure Single Sign-on Services: http://technet.microsoft.com/en-us/library/cc262932.aspx
Start Single Sign-on Services: http://technet.microsoft.com/en-us/library/cc262235.aspx
System Components Integration This section describes the additional and enhanced integration points of Office SharePoint Server 2007 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for Office SharePoint Server 2007 and highlights the capabilities as enabled directly or when integrated with other system components. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 2.
Interoperability with Core and Management Services For more information about how Office SharePoint Server 2007 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 2. In Phase 3, Office SharePoint Server 2007 uses the following technologies and services:
• Windows Server 2008 R2 DirectAccess enables remote users to more securely access enterprise shares, websites, and applications without connecting to a virtual private network (VPN).
Microsoft SharePoint 2010 For more information about general use, and SharePoint Sites, see the Plan Development and Deployment of the Solution section in Phase 2.
Secure Store Service In Microsoft SharePoint 2010, the Secure Store Service replaces the single sign-on (SSO) feature. The Secure Store Service is a claims-aware authorization service that includes a secure database for storing credentials that are associated with application IDs. People can use these application IDs to authorize access to external data sources.
General Plan the Secure Store Service: http://technet.microsoft.com/en-us/library/ee806889(office.14).aspx
Configure the Secure Store Service: http://technet.microsoft.com/en-us/library/ee806866(office.14).aspx
System Components Integration This section describes the additional and enhanced integration points of SharePoint 2010 with other system components.
Associated System Components This section describes the additional dependencies and recommendations for SharePoint 2010 and highlights the capabilities as enabled directly or when integrated with other system components.
For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 2.
Interoperability with Core and Management Services For more information about how SharePoint 2010 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 2. In Phase 3, SharePoint 2010 uses the following technologies and services:
• Windows Server 2012 DirectAccess enables remote users to more securely access enterprise shares, websites, and applications without connecting to a virtual private network (VPN).
Microsoft SQL Server 2008 R2 For more information about general use, and Database Engine, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of SQL Server 2008 R2 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by SQL Server 2008 R2 in integration with other system components. Business data hubs in the cloud
Interoperability with SQL Azure Using SQL Azure Data Sync, organizations can use the power of SQL Azure and Microsoft Sync Framework to build business data hubs in the cloud to enable information to be easily shared with mobile users, business partners, remote offices, and enterprise data sources—all while taking advantage of new services in the cloud.
Associated System Components This section describes the additional dependencies and recommendations for SQL Server 2008 R2 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 2.
Interoperability with Core and Management Services For more information about how SQL Server 2008 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 2. In Phase 3, SQL Server 2008 R2 uses the following technologies and services:
• Windows Server 2008 R2 DirectAccess enables remote users to more securely access enterprise shares, websites, and applications without connecting to a virtual private network (VPN).
Microsoft SQL Server 2012 For more information about general use, and Database Engine, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of SQL Server 2012 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by SQL Server 2012 in integration with other system components. Business data hubs in the cloud
Interoperability with SQL Azure Using SQL Azure Data Sync, organizations can use the power of SQL Azure and Microsoft Sync Framework to build business data hubs in the cloud allowing information to be easily shared with mobile users, business partners, remote offices, and enterprise data sources—all while taking advantage of new services in the cloud.
Associated System Components This section describes the additional dependencies and recommendations for SQL Server 2012 and highlights capabilities as enabled directly or when integrated with another system component. For more information about the associated system components, see the Plan Development and Deployment of the Solution section in Phase 2.
Interoperability with Core and Management Services For more information about how SQL Server 2012 integrates with Core and Management Services, see the Plan Development and Deployment of the Solution section in Phase 2. In Phase 3, SQL Server 2012 uses the following technologies and services:
• Windows Server 2012 DirectAccess enables remote users to more securely access enterprise shares, websites, and applications without connecting to a virtual private network (VPN).
Microsoft Server Security For more information about general use, Internet Security and Acceleration Server 2006 (Firewall Service), Forefront Threat Management Gateway 2010 (Firewall Protection), Microsoft Intelligent Application Gateway 2007, and Microsoft Forefront Unified Access Gateway 2010, see the Plan Development and Deployment of the Solution section in Phase 1. For more information about Microsoft Forefront Security for SharePoint and Forefront Protection 2010 for SharePoint, see the Plan Development and Deployment of the Solution section in Phase 2.
Microsoft Forefront Identity Manager 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Forefront Identity Manager 2010 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Server 2008 R2 For more information about general use, Active Directory Domain Services, Active Directory Lightweight Directory Services, Network Policy and Access Services, Group Policy, Internet Information Services 7.0, Hyper-V, Windows Deployment Services, and Windows Firewall with Advanced Security, see the Plan Development and Deployment of the Solution section in Phase 1. For more information about Active Directory Federation Services and Active Directory Certificate Services, see the Plan Development and Deployment of the Solution section in Phase 2.
DirectAccess DirectAccess is a feature in the Windows 7 and Windows Server 2008 R2 operating systems that gives users the experience of being seamlessly connected to the corporate network any time they have Internet access. With DirectAccess, organizations can manage mobile computers any time the computers have Internet connectivity, which helps to ensure that mobile users stay up-to-date with security and system health policies.
General Overview: http://technet.microsoft.com/en-us/library/dd758757(v=ws.10).aspx
DirectAccess Design Guide: http://technet.microsoft.com/en-us/library/ee382297(WS.10).aspx
DirectAccess Deployment Guide: http://technet.microsoft.com/en-us/library/ee649163(WS.10).aspx
DirectAccess Troubleshooting Guide: http://technet.microsoft.com/en-us/library/ee624056(WS.10).aspx
System Components Integration This section describes the integration points of Windows Server 2008 R2 with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Windows Server 2008 R2 in integration with other system components. Federated identity and access control to secure applications
Interoperability with Windows Azure Platform
Active Directory Access Control of Windows Azure Platform helps to build federated authorization into applications and services, without the complicated programming that is normally required to secure applications that extend beyond organizational boundaries. It provides claims-based access control in the cloud and includes a claims transformation engine that federates with identity providers like Active Directory Federation Services 2.0.
Rule-based authorization for services and applications
Interoperability with Windows Azure AppFabric
Windows Azure Platform AppFabric provides federated identity and access control through rule-based authorization and enables applications to respond as if the user accounts were managed locally. Administrators can create user accounts that federate a customer's existing identity management system that uses the Active Directory service, other directory systems, or any standards-based infrastructure.
Windows Server 2012 For more information about general use, Active Directory Domain Services, Active Directory Lightweight Directory Services, Network Policy and Access Services, Group Policy, Internet Information Services 8, Hyper-V, Windows Deployment Services, Windows Firewall with Advanced Security, and Storage Spaces, see the Plan Development and Deployment of the Solution section in Phase 1. For more information about Active Directory Federation Services and Active Directory Certificate Services, see the Plan Development and Deployment of the Solution section in Phase 2.
DirectAccess Windows Server 2012 offers DirectAccess, an enhanced remote access feature that allows connectivity to corporate network resources without the need for traditional virtual private network (VPN) connections. DirectAccess provides support only for domain-joined Windows 8 and Windows 7 clients. Windows Server 2012 DirectAccess provides multiple updates and improvements to address deployment blockers and provide simplified management.
General Overview: http://technet.microsoft.com/en-us/library/hh831416
DirectAccess Offline Domain Join: http://technet.microsoft.com/en-us/library/jj574150.aspx
System Components Integration This section describes the integration points of Windows Server 2012 with other system components.
Usage Scenarios This section describes the usage scenarios as supported by Windows Server 2012 in integration with other system components.
Federated identity and access control to secure applications
Interoperability with Windows Azure Platform Active Directory Access Control of Windows Azure Platform helps to build federated authorization into applications and services, without the complicated programming that is normally required to secure applications that extend beyond organizational boundaries. It provides claims-based access control in the cloud and includes a claims transformation engine that federates with identity providers like Active Directory Federation Services 2.0.
Rule-based authorization for services and applications
Interoperability with Windows Azure AppFabric Windows Azure Platform AppFabric provides federated identity and access control through rule-based authorization and enables applications to respond as if the user accounts were managed locally. Administrators can create user accounts that federate a customer's existing identity management system that uses the Active Directory service, other directory systems, or any standards-based infrastructure.
Microsoft System Center For more information about general use, System Center Operations Manager 2007 R2 / System Center 2012 Operations Manager, System Center Data Protection Manager 2010/ System Center 2012 Data Protection Manager, System Center Configuration Manager 2007 R3/ System Center 2012 Configuration Manager, System Center Virtual Machine Manager 2008 R2/ System Center 2012 Virtual Machine Manager, System Center Service Manager 2010/ System Center 2012 Service Manager, and Opalis/ System Center 2012 Orchestrator, see the Plan Development and Deployment of the Solution section in Phase 1.
System Center 2012 Virtual Machine Manager
Windows Storage Server 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Storage Server 2008 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Server AppFabric For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Hyper-V Server 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Hyper-V Server 2008 R2 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft BizTalk Server 2009 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of BizTalk Server 2009 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by BizTalk Server 2009 in integration with other system components.
Applications that integrate with existing on-premises environments
Interoperability with Azure AppFabric Microsoft BizTalk Server enables organizations to connect and extend heterogeneous systems across the enterprise and with trading partners. The Service Bus is part of Windows Azure AppFabric that provides connectivity, queuing, and routing capabilities not only for cloud applications but also for on-premises applications. Using both together enables organizations to build secure, reliable, and scalable hybrid solutions that span cloud and on-premises environments:
• Exchange electronic documents with trading partners.
• Expose services running on-premises behind firewalls to third parties.
• Enable communication between spoke branches and a hub back-office system.
Microsoft BizTalk Server 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of BizTalk Server 2010 with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by BizTalk Server 2010 in integration with other system components.
Applications that integrate with existing on-premises environments
Interoperability with Azure AppFabric Microsoft BizTalk Server enables organizations to connect and extend heterogeneous systems across the enterprise and with trading partners. The Service Bus is part of Windows Azure AppFabric that provides connectivity, queuing, and routing capabilities not only for cloud applications but also for on-premises applications. Using both together enables organizations to build secure, reliable, and scalable hybrid solutions that span cloud and on-premises environments:
• Exchange electronic documents with trading partners.
• Expose services running on-premises behind firewalls to third parties.
• Enable communication between spoke branches and a hub back-office system.
CLIENT TECHNOLOGIES This section contains links to the client technologies that Table 3 references.
Microsoft Office 2007 For more information about general use, Microsoft Office Outlook 2007, Microsoft Office Word 2007, Microsoft Office Excel 2007, and Microsoft Office PowerPoint 2007, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office 2010 For more information about general use, Microsoft Outlook 2010, Microsoft Word 2010, Microsoft Excel 2010, and Microsoft PowerPoint 2010, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office Visio 2007 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Visio 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Office Project 2007 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Project 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Forefront Endpoint Protection 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Center 2012 Endpoint Protection For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows 7 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows 8 For more information about general use, and offline files, see the Plan Development and Deployment of the Solution section in Phase 1.
Direct Access
DirectAccess allows connectivity to corporate network resources without the need for traditional Virtual Private Network (VPN) connections. Windows Routing and Remote Access Server (RRAS) provides traditional VPN connectivity for legacy clients, non-domain joined clients, and third-party VPN clients. RRAS also provides site-to-site connections between servers.
General Overview: http://technet.microsoft.com/en-us/library/hh831416.aspx
Install and Configure Basic Remote Access: http://technet.microsoft.com/en-us/library/jj574162.aspx
Work Smart: Connecting Remotely Using Windows 8 DirectAccess: http://www.microsoft.com/en-us/download/details.aspx?id=34764
Deploy Remote Access in an Enterprise: http://technet.microsoft.com/en-us/library/jj134200.aspx
CLOUD TECHNOLOGIES This section contains links to the cloud technologies that Table 3 references.
Business Productivity Online Standard (BPOS) Suite For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Office 365 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft SharePoint Online For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Azure Platform For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft SQL Azure For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Microsoft SQL Azure with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by Microsoft SQL Azure in integration with other system components.
Business data hubs in the cloud
Interoperability with SQL Server 2008 R2 / 2012 Using SQL Azure Data Sync, organizations can use the power of SQL Azure and Microsoft Sync Framework to build business data hubs in the cloud to enable information to be easily shared with mobile users, business partners, remote offices, and enterprise data sources—all while taking advantage of new services in the cloud.
Windows Azure For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Windows Azure with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by Windows Azure in integration with other system components.
Simple, reliable, flexible, and powerful cloud platform
Windows Azure is a flexible platform that supports multiple languages and integrates with existing on-premises environments. It provides on-demand computing capacity for its analytics applications and complements on-premises capabilities with a flexible, reliable solution that can support bursts in computing activity over short periods of time, deliver enhanced services for more customers, empower innovation, and provide organizations with increased business agility.
Web applications and services that support multiple languages and standards
Windows Azure platform has been built to be interoperable. As an open platform, Windows Azure offers choices to developers. It enables them to use multiple languages (.NET, PHP, Ruby, Python, and Java) and development tools (Visual Studio, Eclipse) to build applications that run on Windows Azure and/or use any of the Windows Azure platform offerings from any other cloud or on-premises platform. With its standards-based and interoperable approach, the Windows Azure platform supports multiple Internet protocols, including HTTP, XML, SOAP and REST—key pillars of data portability.
Applications that integrate with existing on-premises environments
Interoperability with BizTalk Server Microsoft BizTalk Server enables organizations to connect and extend heterogeneous systems across the enterprise and with trading partners. The Service Bus is part of Windows Azure AppFabric that provides connectivity, queuing, and routing capabilities not only for cloud applications but also for on-premises applications. Using both together enables organizations to build secure, reliable, and scalable hybrid solutions that span cloud and on-premises environments:
• Exchange electronic documents with trading partners.
• Expose services running on-premises behind firewalls to third parties.
• Enable communication between spoke branches and a hub back-office system.
Active Directory Access Control For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of Active Directory Access Control with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by Active Directory Access Control in integration with other system components.
Federated identity and access control to secure applications
Interoperability with Windows Server 2008 R2 / 2012 Access Control helps to build federated authorization into applications and services, without the complicated programming that is normally required to secure applications that extend beyond organizational boundaries. It provides claims-based access control in the cloud and includes a claims transformation engine that federates with identity providers like Active Directory Federation Services 2.0.
Flexible standards-based service to support multiple credentials and relay parties
With its support for a simple declarative model of rules and claims, Access Control rules can easily and flexibly be configured to cover a variety of security needs and different identity-management infrastructures. The Service Bus relies on Access Control for securing access to the relay. Access Control makes it possible to use a modern, claims-based authentication and authorization model without requiring organizations to build this complex infrastructure. The Service Bus trusts the claims produced by Access Control, which it can then process to determine if clients and services should be allowed to “send to” or “listen on” a particular Service Bus address. Clients and services must present credentials to Access Control to acquire a security token for the Service Bus. They can provide a variety of different credentials. Once authenticated, Access Control will issue the authorization token for the Service Bus relay.
AppFabric For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
System Components Integration This section describes the additional and enhanced integration points of AppFabric with other system components.
Usage Scenarios This section describes the additional and enhanced usage scenarios as supported by AppFabric in integration with other system components.
Rule-based authorization for services and applications
Interoperability with Windows Server 2008 R2 / 2012 Windows Azure Platform AppFabric provides federated identity and access control through rule-based authorization and enables applications to respond as if the user accounts were managed locally. Administrators can create user accounts that federate a customer's existing identity management system that uses the Active Directory service, other directory systems, or any standards-based infrastructure.
Microsoft Online Backup Service For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
DEVELOPMENT TOOLS This section contains links to the development tools that Table 3 references.
Microsoft .NET Framework 4.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Visual Studio Team Foundation Server 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Visual Studio 11 Team Foundation Server For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Visual Studio Team System 2008 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Visual Studio Team System 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Visual Studio 11 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Communications Foundation (WCF) Services For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
TOOLS This section contains links to the tools that Table 3 references.
Microsoft Assessment and Planning Toolkit 6.0/6.5 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Security Assessment Tool For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Software Inventory Analyzer 5.0/5.1 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Deployment Toolkit 2010 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Microsoft Deployment Toolkit 2012 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows Automated Installation Kit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Security Compliance Management Toolkit For more information about general use, and Microsoft Security Compliance Manager, see the Plan Development and Deployment of the Solution section in Phase 1.
Compliance Management Libraries/2.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
Windows SDK For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 2.
Data Classification Toolkit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
IT Governance, Risk, and Compliance Process Management Pack/2.0 For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.
BizTalk ESB Toolkit For more information about general use, see the Plan Development and Deployment of the Solution section in Phase 1.