Optimisation du Poste de Travail

Présentation au sujet: "Optimisation du Poste de Travail"— Transcription de la présentation:

1

2 Optimisation du Poste de Travail
Gérard Gasganias Ingénieur Avant-Vente Microsoft France David Sebban Practice Manager Nelite Mercredi 9 Février 2011

3 Pourquoi une stratégie d’optimisation des postes de travail ?

4 Vos interrogations Comment garder mes données et
mes applications sécurisées ? Dois-je m’orienter vers des services “Cloud” ? Comment rendre plus productifs mes utilisateurs mobiles ? Comment gérer mes coûts ? Mes employés doivent-ils utiliser leurs PC personnels pour travailler ? Comment profiter des avantages de la virtualisation ? Stratégie client riche ou client léger ? Les clients sont sur Windows XP depuis presque 10 ans. Depuis 10 ans, beaucoup de choses ont changé que ce soit d’un point de vue de l’activité de l’entreprise ou des technologies. Windows 7 est un catalyseur qui pousse les clients à reconsidérer leur poste de travail sous l’angle de l’efficacité de leurs utilisateurs où qu’ils soient tout en gérant les coûts. Les questions sont multiples: Nouvelles tendances du marché: problématiques budgétaires, sécurité des données, législation Nouvelles technologies: virtualisation, services « cloud » (Windows Azure, Windows Intune…) Nouveaux usages: mobilité des utilisateurs, PC personnels, besoins métiers des utilisateurs Infos/chiffres clés: La moitié des professionnels de l’informatique prévoit de déployer Windows 7 (Enquête de Citibank) 68% des entreprises ont des difficulté à gérer leur PC (Forrester) Les budgets IT resteront à l’identiques l’année prochaine (1% de croissance d’après le Forrester) Coût total de possession: $ par PC par an (IDC Core IO research 2007) Sécurité et conformité 56% des répondants aux enquêtes Microsoft considèrent qu’ils ont besoin d’aide pour protéger les données de l’entreprise sur leurs postes. Vol de données représente 2.3m$ tandis que le vol de matériel représente 3.8m$ (Computer Security Institute/FBI Computer Crime & Security Survey-looking for latest version of this) Perte moyenne à cause des incidents du à la sécurité a été de $234,244 in 2009 (CSI Security Survey 2009). Fraude financière qui est passé de 12% en 2008 à presque 20% Consumerisation: vous perdez vos meilleurs employés “génération digitale” si vous ne proposez pas de technologies innovantes au sein de votre organisation (vous n’imaginez pas le nombre de personnes refusant des emplois à cause d’un environnement technologique trop vieillissant) Client Computing Choices Essential Points to Land: Complexity of OS migration, specifically in the context of Windows XP Windows 7 Windows 7 is an Inflection Point: Customers are using it to think broadly about their client computing environment They now have a wide range of choices: trends in business (tightening budgets, mobility) and technology (virtualization, cloud services,) are generating questions about how best to decide Storyline: Don’t make a decision on OS migration alone: You need a full desktop strategy Customers have been on Windows XP for nearly 10 years. In that decade, many things have changed both in business and technology. Windows 7 is a catalyst that is causing customers to reconsider their client computing environment through the lens of making people productive – wherever they are -- while managing cost. Half of IT Pros are looking to deploy Windows 7 (Citibank), and two-thirds of firms expect to migrate to Windows 7 at some point (Forrester: Windows 7 Commercial Adoption Outlook). They have lots of questions about how to achieve this, like: According to IDC, the TCO of desktops can range widely, anywhere from $230 to $1320 per PC annually. Where organizations end up within this range depends on many factors, which we will discuss later in the presentation. How do I manage costs? Should employees bring their own PCs to work? Organizations are at risk of losing their brightest and most ambitious young employees if they cannot provide the computing environment the “digital native” generation is accustomed to. Although the present economic climate has shifted the balance of power in recruiting, this is temporary: the war for talent will persist. Some companies have responded to this war by piloting “Bring Your own PC” programs, which give workers more choice in what PC they use. This means IT departments focus more on access, security and data protection. This trend obviously has ramifications on TCO. Do I expand use of cloud services? Forrester believes that the increased availability and capabilities of all kinds of cloud services: from Web-based offerings to Software as a Service to Infrastructure as a service will be a game-changing, disruptive shift for some enterprise clients (Market Overview of Current Cloud Service Providers from Global IT providers-June 2009). The expansion of cloud services presents an opportunity for organizations to consider how best to leverage their existing investments and where to put new ones. Should I use Rich clients or thin clients? Lowering cost and improving manageability, security, and remote access drive interest in client virtualization (Forrester), and the choice between rich clients or thin clients often accompanies the choice about what kind of desktop virtualization organizations use. How do I keep my data safe and my applications secure? The average loss due to computer security incidents was $234,244 in 2009 (CSI Security Survey 2009). However, theft of proprietary data from mobile devices was far higher: According to the CSI/FBI Computer Crime & Security Survey theft of proprietary data from mobile devices tallied to $2.3M, while theft of customer data from mobile devices came to $2.2M. Given this, it’s no surprise that more than half of the respondents in MSFT research told us they need help protecting corporate data on laptops. The number of mobile workers overall will increase to more than 30 percent by 2011 (IDC), and 68% of the companies we surveyed struggle with the inability to manage PCs when those are not physically connected to the corporate network. Much of this difficulty is due to the complex and time-consuming methods of connecting to corporate networks when away from the office. This presents a huge challenge not only for end user productivity but also for security and data protection. How do I keep mobile users productive? How can I take advantage of virtualization? The client virtualization trend has swept many industries over the past 2-3 years, leading many IT decision makers with questions about how they can benefit from the potential of virtualizing applications or full desktops. However, with the buzz around virtualization reaching a fever pitch, analysts, such as Natalie Lambert of Forrester – warn that many have misconceptions about exactly what benefits they can hope to achieve through virtualization. (Forrester: Know Your Facts: Understanding The Realities Of Desktop And Application Virtualization July 2009) Transition: Although migrating to Windows 7 might be the issue that causes enterprises to question these things, CIOs and architects should not make a decision based on migration concerns alone, but instead think about the broader desktop strategy for their organization and for their users. All Relevant Data Points: TCO Half of IT Pros are looking to deploy to Windows 7 (Citibank Survey) $ per PC per year (IDC Core IO research 2007) Security and Compliance 68% of Enterprises struggle managing PCs (Forrester) Forrester: IT budgets will remain flat in the next year at 1% growth Theft of proprietary data from mobile devices tallied to $2.3M, while theft of customer data from mobile devices came to $2.2M. The cost of the stolen mobile hardware itself was reported at $3.8 (Computer Security Institute/FBI Computer Crime & Security Survey-looking for latest version of this) Average loss due to security incidents was $234,244 in 2009 (CSI Security Survey 2009) saw huge jumps in financial fraud: from 12 percent in 2008 to nearly 20 percent Consumerization: You lose your most ambitious employees if you cannot provide them enough computing power (anecdote of people turning down jobs bc of computing environment) 56% of respondents in MSFT research say they need help protecting corporate data on laptops

5 Un poste de travail répondant aux besoins de chaque utilisateur
Simple Contrôlé et sécurisé Quelques applications “task workers” factory worker retail clerk bank teller call center Expérience riche Réinitialisation rapide Applications standard “guest workers” computer lab training center consultants Expérience riche Personnalisé Applications diverses Multi utilisateurs “office workers” finance operations marketing administration Access sécurisé et contrôlé Fléxibilité de lieux et de matériel Applications et utilisateurs multiples “remote workers” offshore workers outsourcers, contractors branch offices teleworkers Mode déconnecté Sécurisé Applications et utilisateurs multiples “mobile workers” sales executives field service Besoins

6 Les Solutions proposées par Microsoft
De la Virtualisation à Windows 7

7 Les différentes offres de Virtualisation
3/31/2017 9:52 PM Les différentes offres de Virtualisation Focus: Diminution TCO Profils itinérants Redirection de dossier Fichiers hors connexion Virtualisation locale au poste Données et paramètres Microsoft Application Virtualization Microsoft RemoteApp (RDS) Virtualisation distante Applications Virtualisation locale au poste OS Microsoft Virtual Desktop Infrastructure Microsoft Enterprise Desktop Virtualization Microsoft Remote Desktop Services Virtualisation distante Matériel Poste de travail traditionnel Focus: Flexibilité accrue © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Virtualisation : locale ou distante
App-V Application virtualisée RemoteApp Application publiée MED-V Client Poste virtualisé Serveur VDI

9 Virtualisation des données et paramètres utilisateurs
date

10 Données et paramètres Les données et les paramètres personnels suivent les utilisateurs Redirection des dossiers et Fichiers hors connexion Stockage central des fichiers de données quel que soit l'appareil client Cache local hors connexion Configuration par l'équipe IT via la stratégie de groupe Profils itinérants Les paramètres personnalisés suivent l'utilisateur de PC en PC La synchronisation des paramètres avec le serveur de données se fait automatiquement dès la connexion de l'utilisateur Principaux avantages Remise en service rapide des comptes utilisateur sans, ou presque, intervention de l'équipe IT Sauvegarde permanente pour assurer la continuité de service Adoption rapide des pratiques recommandées pour l'administration des fichiers et des utilisateurs

11 Virtualisation des applications
date

12 Virtualisation des applications locale ou distante ?
Différents modes de Virtualisation Virtualisation locale Création d’une copie locale de l’application virtuelle, pouvant s’exécuter en mode déconnecté, sans serveur distant Session-Based Server Virtualization Des application virtuelles s’exécutent sur un serveur, un accès à distance est disponible Client Client Serveur Microsoft Application Virtualization Remote App

13 Virtualisation locale des applications Microsoft Application Virtualization
Gérer de manière centralisée la distribution des applications Accès à la demande aux applications sans installation ou reboot Applications virtuelles et paramètres préservés online ou offline Les applications sont isolées de l’OS et n’intéragissent pas entre elles Bénéfices importants : Les utilisateurs ont accès à leurs applications sur tous les postes managés La gestion applicative centralisée simplifie la maintenance et les mises à jour Les coûts de tests sont réduits, et le rythme de déploiement accéléré “With Application Virtualization we dramatically reduced packaging time, optimized application delivery and management processes, and cut the total cost of ownership for our client environment” Axel Junghans, Global Client Manager, Heidelberg

14 Virtualisation distante des applications L’offre RemoteApp
Rendre disponibles les programmes via RD Web Access ou RemoteApp & Desktop Connection Créer des packages MSI ou RDP Les applications sont lancées depuis une page web ou un package MSI/RDP Ces applications sont perçues comme si elles étaient exécutées localement RD Client RD Session Host / RD Virtualization Host

15 Virtualisation des Systèmes d’Exploitation
date

16 Virtualisation de l’OS locale ou distante ?
Différents modes de Virtualisation Virtualisation locale Création d’une copie locale de l’image virtuelle, pouvant s’exécuter en mode déconnecté, sans serveur distant VDI/Session-Based Server Virtualization Des images virtuelles s’exécutent sur un serveur, un accès à distance est disponible Client Client Serveur Microsoft Enterprise Desktop Virtualization VDI (Hyper-V; Windows Server; Terminal Services; VDA)

17 Virtualisation locale d’OS Microsoft Enterprise Desktop Virtualization
La technologie Les avantages Gestion centralisée de Virtual PC Simplification du déploiement et des mises à jour Intégration des applications sur le bureau de la machine hôte Accélérer la migration des OS Eliminer les problèmes de compatibilité applicative Environnement professionnel toujours disponible Expérience intuitive Les applications sont directement accessible depuis le menu démarrer. Compatibilité des applications avec l’OS Fourniture d’un poste d’entreprise sur un environnement non maîtrisé Postes des employés à la maison Postes des prestataires Contrôle des machines Virtual PC Reconstruction rapide des environnements d’entreprise Les applications classiques cohabitent avec les applications virtualisées.

18 Virtualisation à distance d’OS Virtual Desktop Infrastructure
La technologie La technologie Les avantages Exécution du poste de travail (OS, apps, data) dans une machine virtuelle sur un datacenter Report d’affichage sur un poste, client riche ou client léger Distribution dynamique du poste de travail Collaboration inter entreprise Disponibilité des postes de travail Operating System Desktop Workload

19 Remote Desktop Services & VDI Une infrastructure commune
RD Client System Center and App-V RD Session Host with RemoteApp RD Web Access RD Connection Broker RD Virtualization Host RD Gateway Connection Broker : équilibre de charge RD Gateway : passerelle pour l’extérieur de l’enteprise Portail Web : ou que je sois dans l’entreprise RD Virtualization : rôle à installer sur le srv HyperV [Build 1] – The following slide provides a high level overview of the components in RDS. We will look at the new RDSH and RDVH technologies in depth later on. Remote Desktop Session Host Server provides a similar set of functionality as Terminal Server. RD Virtual Host Server is a hyper-v based server that is used to provide VDI functions. RemoteApp and Desktop Web Access Server provides a web based interface for RemoteApp enabled applications as well as one click access to virtual desktops. Highlight that you need Windows 7 on the client to take full advantage of Desktop Connections. RD Gateway to offer secure remote access to RDS servers and infrastructure All components require an RDS licensing server Permissions and policy is stored in Active Directory [Build 2] Remote Desktop Client gets connection information from the RD Web Access Server. If the client is outside the network the client connects through the RD Gateway server, if they are internal then can connect directly to an RDSH or RDVH server. In both cases the server that the client connects to is negotiated by the RD connection Broker. The connection broker plays a central role in RDS to make sure clients get connected to appropriate resources. It also helps clients reconnect to disconnected or interrupted session, and makes sure that clients are connecting to the correct servers for VDI resources. At a high level the remote client uses the RD Gateway to obtain access to the RDSH RD Session Host and RDVH servers. The RD Connection Broker connects clients to sessions and VMs on the RDSH and RDVH servers. All Remote Desktop Servers require validation with an RD Licensing Server. Licensing Server Active Directory®

20 Fournir les fonctionnalités essentielles Avec Windows 7, MDOP et System Center
Accès en tout lieu Sécurité et Conformité Direct Access Mobile Broadband BranchCache Federated Search User State Virtualization UI and Navigation BitLocker BitLocker To Go AppLocker Security Development Lifecycle Internet Explorer 8 Security Continuité des Services App-V MED-V Asset Inventory Service Advanced Group Policy Management Troubleshooting Packs Problem Steps Recorder Desktop Error Monitoring Diagnostic and Recovery Toolset Delivering on the Essential Capabilities: Supporting Ultimate Flexibility with Windows 7, Desktop Virtualization and System Center Essential Points to Land: All 4 essential capabilities are acheived in this scenario Works both online and offline (VDI differentiator) Serves a fast-growing segment of end users: Mobile Workers, a segment that will be more than 30 percent of the workforce by the end of 2011 Storyline: Mobile workers make up an increasing proportion of end users in today’s organization. Between 25 and 30 percent of today’s workers can be classified as mobile, and these users need to be productive regardless of where they are. The capability of anywhere access for mobile workers is provided by a set of technologies that help IT both manage and give access to Data (Folder Redirection/Offline Files), Applications (Application Virtualization), and User Settings (Roaming User Profiles). The capability of Security and Data Protection is provided by BitLocker on the PC and extended to portable drives by BitLocker To Go. It is protected in transit with DirectAccess, which leverages the security advances of IP v6 and IPSec to ensure data protection. Business Continuity is achieved through these same technologies because if users need quick access to new PCs, they can simply log in with their Active Directory credentials and their data, applications, and computing environment can be provisioned to them on demand. All of this is managed end-to-end from physical to virtual and desktop to datacenter with System Center. Data Points: Swedish Medical Center Case Study (App-V) ( Administration de bout en bout Powershell Deployment Tools Advanced Group Policy Management MED-V

21 En tout lieu sur tout PC autorisé
Poste de travail Windows Optimisé Client, serveur, sécurité et administration flexibles En tout lieu sur tout PC autorisé Poste de travail Infrastructure Serveur d’administration Poste de travail Infrastructure Serveur d’administration

22