Management Product Roadmap Expanding
May 23, 2005

To differentiate itself from its Unix and Linux competitors and encourage more use of its core products, Microsoft is increasingly integrating management deeply into the Windows Server System. However, the company is still struggling to explain how current products and technologies will evolve to meet the visions expressed in the Dynamic Systems Initiative, Microsoft's long-term and unproven plan for "baking" management into all system components, including applications.

Evolving Strategy for Systems Management

Microsoft's plans for management products and technologies have evolved somewhat over recent years. When Microsoft laid out its systems management strategy in the spring of 2003, it wanted Windows application developers to begin designing manageability into their products, as Microsoft believed that "bolting on" management after the fact was ineffective. The 2003 strategy invited developers to do two things: instrument their applications to expose significant events and performance metrics that could be captured by external management software, and build operational and health models for their applications that would aid IT operations personnel in interpreting the instrumentation data and monitoring the applications' health. An overarching project called the Dynamic Systems Initiative (DSI) would guide development of the models, tools, and products needed to accomplish these goals.

In spring 2004, the company announced ambitious plans to make its Microsoft Operations Manager (MOM) server-monitoring product more powerful and ubiquitous, and the company shifted the responsibility for writing MOM management packs (MPs)—sets of rules and scripts for monitoring the health of a system component—for its own Windows Server System products from the MOM team to the various product groups. (Microsoft later formalized this responsibility as part of its Common Engineering Criteria 2005 specification.) However, it added little new detail on its DSI plans.
Microsoft also announced plans to consolidate various management products into a unified product called System Center. Initially a suite of MOM and Systems Management Server (SMS), future versions would evolve into a single unified product that used a single common management database. However, Microsoft was somewhat vague on the role this product would play in the DSI and what advantages the consolidated approach would convey.

The 2005 Strategy

At the Apr. 2005 Microsoft Management Summit (MMS), Microsoft unveiled further changes and details about its management strategy and product plans.

Support multiple management products. After Microsoft announced System Center, customers made it clear that they didn't see enough value in a consolidated management product to offset the awkward design and transition problems created by merging the very different SMS and MOM. In response, Microsoft decided to steer away from the traditional consolidated management product model toward what it describes as a "federated" model. Microsoft plans to maintain MOM and SMS as separate products, each with its own SQL Server database, and will offer a third product, Reporting Manager, that analyzes and reports data from both. The name "System Center" now becomes a brand, in the same vein as "Office" or Hewlett-Packard's (HP's) "OpenView," that will eventually apply to all of Microsoft's management products. As other products are added to the company's management portfolio, they will remain separate but will be designed to work well together and leverage existing Microsoft technologies and standards wherever possible.

Virtualization a key element of management strategy.
When Microsoft acquired virtual machine (VM) technology through its Connectix acquisition in 2003, the company initially justified the purchase based on two target markets: developers and testers who need to emulate multiple environments, and organizations that wanted to use VMs to consolidate Windows NT 4.0-based applications onto servers running Windows Server 2003 with NT 4.0 running as the guest OS in a VM. However, the company has finally admitted that it has more strategic and ambitious goals for its VM technology: virtualization will become a key platform for increasing manageability of systems.

At the 2005 MMS, CEO Steve Ballmer said that virtualization was a topic of "intense interest and activity in the industry and at Microsoft" and to "expect to see a lot of Microsoft innovation" in that area. He also described how, in addition to making sure that today's Virtual Server product is manageable using Microsoft's management products, Microsoft will ensure that future DSI technologies fully support virtualization. Because virtualization makes it possible to decouple applications and OSs from the specific physical hardware they run on, it promises to make it easier to move or clone applications from one host server to another with little or no downtime. It also provides a convenient way to scale out application servers without the need for hardware-specific system images.

Heterogeneous management now a stated goal. Although Microsoft bills the DSI as a Windows-only management initiative (at least for the time being), the company is now designing its management products to be highly capable, if not best-of-breed, when managing Apple, Linux, and Unix systems and non-Microsoft applications, a goal that will put Microsoft management products into competition with management products such as CA Unicenter, HP OpenView, and IBM Tivoli.
Microsoft still plans to rely on partners to write agents and MOM MPs for these platforms and applications, but the company is now making sure that MOM, SMS, and Virtual Server will have the necessary functionality and standards support to manage non-Microsoft environments as well. For example, it plans to build full support for the WS-Management Web services protocol into future versions of its OSs and management products so that it is easier to exchange management data with non-Microsoft platforms and management products.

Concerns Remain

Although Microsoft has revealed more detail on its systems management strategy, it has also exposed a number of issues and concerns, which include the following:

Developer tools lacking. While DSI is predicated on getting application developers involved in building management into their products from the start, Microsoft has yet to ship any products or tools to help them do it. (An SDK is available for MOM 2005, but while it provides tools to help create products that integrate with MOM, it lacks tools and guidelines on designing applications for manageability.) This situation will begin to change with the release of Visual Studio 2005 Team System, which will include Visio-like tools that allow corporate software designers and IT system architects to communicate requirements and collaborate through a process called "design time validation." This process will help developers flag problems and bad design assumptions, such as dependence on a communications port that is actually turned off in the production system, before writing code that would fail when deployed. However, this first step is still far from the full DSI vision.

The company plans to eventually expand its management tools for developers. The successor to Visual Studio 2005 (code-named Orcas) will provide greater DSI support, and the next release of MOM will include a set of authoring tools to help developers build MOM MPs for their applications.
Unfortunately, it will likely take two more years before these tools appear and several more years after that before they garner widespread adoption outside Microsoft.

Some management elements missing. Microsoft has been trying to model its management tools and technologies around the Microsoft Operations Framework (MOF), a set of IT operational process guidelines based on the IT Infrastructure Library (ITIL), a series of books generally accepted in the IT industry as providing comprehensive documentation of best practices for IT service management and facilities planning. However, several gaps remain in Microsoft's lineup of tools to assist in automating MOF/ITIL processes. While Microsoft bills SMS as its product for configuration and change management (CCM), SMS really addresses only a part of the overall CCM function. SMS can install, patch, or uninstall software, detect changes in PC hardware, and log hardware and software changes, but it has no provisions for tracking configuration management, such as when an administrator changes an application configuration setting. It also has no provision for logging the identity of the individual making a change.

Nor does Microsoft offer a solution for issue or asset tracking. Although SMS can track some aspects of PC hardware, it cannot track other devices, such as printers or monitors, and it completely lacks facilities for tracking nontechnical information, such as purchase cost, depreciation, and support contracts. Instead, Microsoft has been steering customers to third-party solutions, such as BMC's Remedy product, for issue tracking, and Peregrine and PS'Soft for asset management. However, at the 2005 MMS, Kirill Tatarinov, vice president for Enterprise Management, disclosed that Microsoft is taking a close look at how some of its customers are using its Microsoft Business Solutions Customer Relationship Management product for issue tracking, implying that Microsoft might eventually tailor it for that purpose.

Roadmap for Existing Products

Although the System Center suite product is off the drawing board, MOM and SMS continue to evolve as stand-alone products. The company plans to invest heavily in both products, and its application teams continue to refine the MOM MPs for their respective products. Virtual Server, while not part of Tatarinov's product group, will also play a key role in Microsoft's management portfolio. In addition to products, Microsoft will update and supplement management technologies built into Windows. (For a description of these technologies, see the sidebar "Windows Management Technologies".) See the illustration "Management Product Roadmap" for a timeline of the various management product and technology releases.

Operations Manager

MOM sales are growing rapidly and Microsoft claims to have already captured about 19% of the North American market for Windows monitoring products. The release of MOM 2005 Workgroup Edition, a less expensive and simpler version for monitoring 10 or fewer servers, has allowed smaller businesses to take advantage of MOM's sophisticated monitoring and has helped grow the base of MOM installations. The first service pack for MOM 2005 will ship in the summer of 2005. However, this service pack will consist mainly of bug fixes; Microsoft has not announced any new functionality.

New Management Packs in 2005

Microsoft has released more than a dozen new or updated MOM 2005 MPs since the beginning of 2005. In keeping with Microsoft's Common Engineering Criteria, customers should expect to see additional MPs as Microsoft updates other server products, beginning with the release of SQL Server 2005 (code-named Yukon) in the second half of 2005. Three of the new MPs are particularly noteworthy:

Critical desktop. Historically, MOM has focused on servers.
However, the new Desktop Base Operating System Management Pack allows organizations to use MOM to monitor the health of critical Windows XP desktops, such as unattended kiosks or teller machines. Since Microsoft has not made any exceptions to MOM's pricing and licensing structure, monitoring desktops will be pricey: organizations will still have to pay US$540 (less the discounts available for volume purchases) for each monitored desktop computer.

Web Sites/Web services. While the Windows Base Operating System Management Pack has always been able to monitor the health of Windows' Internet Information Services (IIS), which is used to host Web sites and Web services, the new Web Sites and Services Management Pack can monitor availability and performance of specific Web sites and Web services. It accomplishes this by sending high-level HTTP requests against the monitored entities. For example, in order to validate links on a Web page, administrators can configure the MP to monitor a stand-alone URL (the equivalent of an HTTP "ping") or monitor specific Web pages to make sure they respond, complete with resources (like images and scripts). However, MOM treats the site or service as a "black box," so it offers little diagnostic information to operators or developers trying to find the cause of a problem in the application code.

.NET Framework. In summer 2005, Microsoft will offer a generic MP developed by AVIcode that allows organizations to monitor custom .NET applications, even those whose developers never included any specific instrumentation code. While the MP will not understand the inner workings of specific applications, the .NET Framework can trap debugging information from any application running on it. The new MP collects and forwards this information to MOM, which is extremely useful to developers troubleshooting problems in the .NET application.

MOM Version 3

The successor to MOM 2005, code-named MOM Version 3 (v3), will go into a closed beta in the second half of 2005. An open beta will be available in the first half of 2006, and the product is due to ship during the second half of 2006. The following major new features are planned for MOM v3:

Model-based management. MOM v3 will be the first version of MOM to use the information in System Definition Model (SDM) documents—the standardized XML documents that provide the information needed to deploy, configure, and manage various components of a system. Furthermore, MOM v3 MPs will comply with a formalized health model, which will make it possible for the MPs to perform probable cause analysis, wherein MOM can at least identify the component that is the cause of the problem. However, these model-based approaches will require existing MOM 2005 MPs to be rewritten, and the utility the models will deliver in this first iteration is questionable. (For more information on SDM and this health model, see the sidebar "DSI Update".)

Service-oriented monitoring. Today, MOM 2005 monitors health at the server level and relies on the functionality of the MOM MPs to monitor distributed services, such as Active Directory, a Web farm, or the Distributed File System (DFS). In contrast, MOM v3 will have the inherent ability to model services. Supporting the monitoring of services that span multiple computers, MOM v3 will know the relationships and dependencies of the various servers needed to provide the service. For example, if a Web site consisted of three Web servers, a front-end load-balancing device, a pair of DNS servers, and a back-end SQL Server database, MOM v3 would be able to understand each device's role in the overall service and determine the cause of any deterioration in service caused by the failure of a component.

SDK/Authoring tools.
Unlike MOM 2005, which has limited tools to assist with MP development, MOM v3 will have a more extensive SDK complete with authoring tools to help developers create MPs. This support should help expand the number of MPs available for non-Microsoft applications.

Role-based user interface (UI). The new UI will dispense with the two separate consoles in MOM 2005 (operator and administrator) and use a single, more flexible console that exposes or hides various capabilities, based on each user's role.

Monad support. Microsoft's next-generation shell-scripting engine (code-named Monad) will ship as a feature of Exchange 12 in the second half of 2006 and in Windows after that. (Although the release vehicle is still undetermined, Monad will also be available for Windows Server 2003, XP, and "Longhorn.") Monad will enable administrators to run interactive command-line management tasks, as well as write scripts for routine operations that today are impossible or very clumsy. Monad is a higher-level language than today's VBScript and JavaScript and should be easier for nondeveloper administrators to learn and use. The new MOM rules engine will make extensive use of Monad scripts. Furthermore, as with the next release of Exchange and other future management consoles for other Windows Server System products, the MOM administrator's console will be a layer on top of Monad, which ensures that any operation that can be done at the graphical console can also be automated by a script.

Systems Management Server

A welcome departure from the rocky path of earlier versions, SMS 2003 has been reliable and is selling well—Microsoft claims that SMS has captured nearly 50% share of the North American market for desktop management products. Three SMS-related releases are scheduled over the next several years.

SMS 2003 Inventory Tool for Microsoft Update

Windows Server Update Services (WSUS, formerly known as Windows Update Services, or WUS) is the company's upcoming free product for organizations to centrally manage patching of Microsoft products. Thirty days after WSUS ships (expected during summer 2005), SMS 2003 customers will be able to download an update that will replace SMS 2003's current patch scanner (based on Shavlik's HFNETCHK technology) with the same scanner used by WSUS. This scanner will eliminate separate scanners for Windows and Office patches and eventually cover all Microsoft products. It will also make scan results consistent across SMS 2003, WSUS, Windows Update (soon to be renamed Microsoft Update), and the Microsoft Baseline Security Analyzer (MBSA) tool.

SMS 2003 Update

In the first half of 2006, Microsoft plans to release a free update to SMS 2003 that adds several new features. (Microsoft has not deemed this release a "feature pack," but that's what it seems to be.) The two most important new features are as follows:

Vulnerability assessment. The update will allow administrators to run security vulnerability assessments on SMS-managed computers. This process will go beyond simply scanning for missing security patches: similar to the MBSA tool, this update will be able to detect insecure configurations, such as local accounts without adequate password policies.

Third-party patching. The update will include a published API and documentation that allows other ISVs to extend SMS's scanning technology to detect and patch non-Microsoft products. Even though many non-Microsoft products, particularly antivirus and antispyware products, come with their own self-update capabilities, many organizations with SMS would prefer to use a single enterprise-wide product for all their software update needs.

SMS Version 4

The next full upgrade will come in late 2006 or early 2007.
Code-named SMS Version 4 (v4), this release will begin to make use of SDM documents that accompany components. This will make it possible to manage all of a computer's OS and application configurations to match a desired state, unlike today, in which each application and system component assigned to a computer is managed independently from others. SMS v4 will include other key feature additions, such as the following:

Management of Internet-connected PCs. Today, Internet-based users must first bring up a virtual private network connection before SMS can inventory or install software on their PCs. With SMS v4, this will no longer be required, making it easier for organizations to keep the computers of mobile and home office users up-to-date.

Longhorn NAP integration. The next version of Windows, code-named Longhorn, will introduce support for Network Access Protection (NAP), which limits computers that do not meet the organization's security policy to the connectivity of a quarantined network. SMS v4 will integrate with NAP in such a way that SMS can bring a quarantined system into compliance with policy so that it can gain full network access.

New administration UI. The SMS 2003 administrator's console interface will be replaced by one based on .NET and the new Monad scripting language, as is the case with the planned MOM v3 administration console. In addition to being fully scriptable, the new interface will require far fewer steps to perform common tasks, such as deploying patches.

Unified OS deployment. Longhorn Server will combine features of the OS deployment technologies currently incorporated in the SMS 2003 OS deployment Feature Pack and in the Windows Server 2003 Automated Deployment Services (ADS) with new image and software installation technology. One major benefit of this new technology is that system images will be modifiable, which will let systems administrators make changes to images, such as installing a patch, without having to create a new image.
This new capability should dramatically reduce the time required for administrators to maintain the images used to create new server and workstation systems. SMS v4 will be designed to deploy images built with the new Longhorn image technologies.

Virtual Server

As mentioned earlier, machine virtualization will increasingly factor into Microsoft's DSI systems management strategy. While the near-term releases aim to add functionality to Microsoft's core management products to make Virtual Server more manageable, in the longer term virtualization will not only become a key element of the systems management infrastructure but it will be built natively into Longhorn Server. However, Microsoft has substantial lost ground to make up. EMC's current VMware virtualization product's market share is far ahead of Microsoft's, and VMware's shipping products offer greater capabilities.

Virtual Server 2005 SP1

Currently in beta and targeted for release in the second half of 2005, Virtual Server 2005 SP1 will be primarily a rollup of fixes intended to improve performance and increase scalability. In addition, it will add certain important new capabilities:

64-bit support. Virtual Server 2005 SP1 will provide host support for Windows Server 2003 SP1 x64 Edition (but not IA64, used by the Intel Itanium processor). This is important because production systems running many virtual machines can exploit the vastly larger memory support and greater processing power of x64 systems, and thereby support greater server consolidation than 32-bit systems.

iSCSI clustering. Virtual Server 2005 SP1 will allow organizations to create Windows Cluster service clusters between two virtual guest OSs that reside on separate physical servers, as long as those servers and the host OS are configured to connect to shared storage-area network disk storage using the iSCSI communications protocols.
The benefit of this arrangement is that one set of physical servers could then support multiple "virtual" clusters, and each would benefit from the failover redundancy provided by clustering, yet the incremental hardware outlay for each would be small.

Preboot eXecution Environment (PXE) support. PXE is a small OS that can load out of a system's BIOS, and it enables a computer without an OS on its disk to connect to a network server and begin a bootstrap process that results in OS installation. SP1 will provide PXE support for virtual machines, which will enable automated OS installation on virtual machines using the same techniques used to automate OS installation on physical servers.

Non-Windows guest OS support. While not a technical feature, with SP1 Microsoft's Customer Service and Support (formerly Product Support Services) will now support customers that run Linux or Sun Solaris as a guest OS. Furthermore, Microsoft will make sure that future Virtual Server changes will not preclude running these non-Windows OSs.

Virtual Server Future

The next major update of Windows server (code-named Longhorn Server and expected in 2007) will contain a built-in virtualization stack, entirely separate from today's Virtual Server 2005 product, designed to take advantage of new virtualization capabilities built into future processors. Intel calls this capability Virtualization Technology (VT, formerly known as Intel Vanderpool technology) and Advanced Micro Devices calls it "Pacifica," and both are expected to appear in computers in 2006. Similar to the approach taken in the competing EMC/VMware ESX server, Virtual Server will depend on a hypervisor (or what Intel calls the "Virtual Machine Monitor"), a "thin" Windows software layer that will sit between the hardware and all the virtual machines.
In Longhorn Server, each virtual machine will be able to be temporarily halted with its state intact, and then resumed or moved from one parent OS to another (either on the same machine if multiple parent partitions are running, or between physical machines using the live migration capability). Microsoft thinks this new architecture will significantly improve VM performance, availability, and reliability, and is key to a DSI goal of making application services easily scalable or portable from one physical server to another. Although the Longhorn virtualization support will be distinctly separate from that of Virtual Server 2005, customers will be able to migrate existing virtual machines to run on the new technology.

Microsoft has also announced plans to publish the virtual hard disk (VHD) file format used by its Virtual PC and Virtual Server products today and will submit it as an industry standard. By doing so, it hopes that other software vendors will write management programs that can read information from these files and perform operations on the OS images, such as software installation or patching, while the virtual machine is not loaded and running.

New Management Products

Five new management products will ship during 2005. Of these, three will pick up the System Center branding.

System Center Reporting Manager 2005

Now that plans for a consolidated System Center product have been cancelled, Microsoft has decided to offer the benefits of the original idea (i.e., combining data from multiple sources to allow administrators, operators, and managers to make better systems management decisions) by shipping a new product called Reporting Manager 2005. Built on SQL Server 2000 Analysis Services and Reporting Services, Reporting Manager extracts data from MOM 2005, SMS 2003, and Active Directory, consolidates it into a data warehouse, and generates both canned and custom reports.
The new product essentially supplants the data warehouse in MOM 2005 and will be extensible to allow data to be integrated from other sources, such as a trouble ticketing system or network management software such as HP OpenView. Reporting Manager also allows consolidation of data from multiple disparate MOM or SMS systems. By consolidating and analyzing data from multiple sources, Reporting Manager will be able to correlate information to provide better diagnostic and performance information, such as when a change introduced by SMS breaks or degrades an application. The product is now in beta and due for release in the second half of 2005. A second release is planned in 2006 or 2007.

System Center Data Protection Manager

Data Protection Manager (DPM, formerly called Data Protection Server) is a new Microsoft server product that will provide Windows-based file servers with an intermediate hard-disk-based backup-and-restore facility before data is backed up onto tape. DPM will allow backups to be taken many times per day, reducing the amount of outstanding data that hasn't been backed up. It will also dramatically reduce file restore times, and even let users restore files without IT assistance. Planned for release in the second half of 2005, the product is currently in public beta. Although in its first release DPM can back up file shares only, Microsoft claims that unannounced follow-up releases will add support for backing up databases such as the Registry, Active Directory, Exchange, and SQL Server.

System Center Capacity Planning Manager 2006

Formerly known by its code-name Indy, Capacity Planning Manager (CPM) 2006 uses modeling and simulation technology to allow system planners to identify performance bottlenecks, measure the effects of changes, and optimize use of available resources.
The first release is limited to modeling Exchange scenarios and requires hand entry of all parameters—it doesn't perform discovery or read any information from the MOM or SMS databases. CPM is in limited beta and will be released in the second half of 2005. A follow-on release with broader modeling capabilities is scheduled for 2006 or 2007. Long term, the goal is for CPM to use SDM information to automate configuration of baseline models.

Windows Server Update Services

WSUS is a replacement for Software Update Services (SUS), a free Windows Server-based tool that gives organizations a centralized and automated way to distribute and install critical OS fixes and security rollups on Windows systems. Originally named Windows Update Services and now in a broad beta for a summer 2005 release, the new product coincides with an upgrade to Microsoft's Windows Update Web service for distributing software updates, which will be renamed Microsoft Update. The combination will eventually support updating of all Microsoft products and provides some capabilities sorely lacking in SUS, especially status reporting. As was the case with SUS, SMS 2003 does everything that the free WSUS product will do and much more.

Microsoft Baseline Security Analyzer 2.0

MBSA is a free security tool that can scan multiple computers for a wide range of security problems, including missing patches and incorrect configurations that can create vulnerabilities, such as weak or nonexistent passwords, and then produce reports listing the results. All versions through 1.2 (current) are based on technology licensed from Shavlik. MBSA 2.0 is now in beta and will use the same scanning technology being developed for WSUS and the SMS 2003 Inventory Tool, instead of the Shavlik technology. This should produce more comprehensive and consistent results. The tool should be finalized during the second half of 2005.

Resources

Additional MOM 2005 details and analysis can be found in "More Polished Operations Manager Nearing Completion" on page 3 of the July 2004 Update.

SMS 2003 was covered in "Stronger Systems Management Server Worth A New Look" on page 9 of the Nov. 2003 Update.

Microsoft Virtual Server is described in "Virtual Server 2005 Supports Testing and Flexibility" on page 7 of the Nov. 2004 Update.

Data Protection Manager 2005 was described in "Data Protection Server Under Development" on page 9 of the Nov. 2004 Update.

SQL Reporting Services and SQL Analysis Services, upon which Reporting Manager 2005 is built, were covered in "SQL Reporting Services Launches" on page 3 of the Mar. 2004 Update and in "Analysis Services Matures in SQL Server 2005" on page 3 of the Feb. 2005 Update.

Windows Server Update Services was described in "Free Software Update Technology to Cover All Products" on page 12 of the Feb. 2005 Update.

MBSA 1.1 was covered in "New Baseline Security Analyzer Uncovers Patch Problems" on page 7 of the March 2004 Update.

ADS and RIS were described in "Deployment Improvements Yield Secure Servers Faster" on page 3 of the Sept. 2003 Update.