Technical Solution Brief

Published: July 28, 2006 | Updated: May 3, 2007

The Infrastructure Optimization (IO) Model offers companies a gauge for their IT infrastructures, helping them plan infrastructure growth and realize the full value of their IT investments. Microsoft applies the same benchmarks to its own corporate infrastructure, focusing on a number of key capabilities to advance its core IT infrastructure on the infrastructure optimization maturity scale.

An IT infrastructure is a strategic asset and the critical foundation upon which software can deliver the services and user applications that a business needs in order to operate effectively and succeed. For many organizations, growth and rapid developments in new technologies have resulted in data-center and desktop platforms that can be overly complex, inflexible, and difficult to manage. Such systems typically have built-in costs that are not only high but also somewhat fixed, regardless of changing business requirements.

IT professionals, meanwhile, are under growing pressure in that environment from the information workers in their companies. Information workers say they need everything to "just work"—for example, anywhere access to information and e-mail; instant collaboration within teams, across the organization, and with partners; more portals, virtual meetings, and other collaboration tools; and delivery of this infrastructure in a self-service fashion.

Microsoft Information Technology (Microsoft IT) is not free of these challenges. It has more than 120,000 end users and 300,000 devices connecting to its network across the globe. Its goal, from an IT perspective, is to develop and maintain IT systems and solutions that are manageable, streamline business transactions, improve business productivity, offer lower total cost of ownership (TCO), and provide predictable, trustworthy services for customers, clients, and partners around the world. At the same time, it serves as the prescriptive architecture, modeling deployment of its products even while running almost entirely on beta software.

For most organizations, including Microsoft, the IT infrastructure that serves it can and should be its greatest strategic asset and business enabler. Unlocking that potential requires alignment between IT and the business, a mature infrastructure, and a balance between people, processes, and technology.

To serve as a strategic guide on that process, Microsoft developed the core IO Model, an operational benchmark for gauging the maturity of a company's technology infrastructure. From the core model, Microsoft developed two other models focusing on capabilities: the Business Productivity Infrastructure Optimization (BPIO) Model and the Application Platform Infrastructure Optimization (APIO) Model. Collectively, these models provide an end-to-end view of the critical infrastructure that all organizations need.

The IO Models are based on analyst and academic research, industry best practices, and the experiences of Microsoft. They provide a set of high-level capability metrics and guidelines to help an IT organization evaluate its existing infrastructure. In addition, these models help companies create a strategic plan for developing their IT infrastructures and realizing the maximum value from their technology investments while enabling their key business solutions.

Infrastructure Optimization Model

The vision of IO is to help customers realize the value of their investments in IT infrastructure, to make the IT infrastructure a strategic asset that enables agility within their organizations, and ultimately to help customers create an infrastructure for a people-ready business. A people-ready business, organization, and infrastructure adapt to the industry environment. They have the ability to bring new products and services to market in a timely, cost-effective manner, by connecting people, information, and business processes to increase market responsiveness and help eliminate inefficiencies. An optimized IT infrastructure, developed according to IT standards and operating efficiently and productively, helps ensure conformation to those IT standards, and supports cost reduction, security, and risk mitigation for the environment and users.

The IO Model is most often used as a strategic tool, helping to evaluate the maturity level of an organization's core technology infrastructure (management, security, and networking) and determine areas (such as application optimization) in which a company can realize significant reduction in costs and improvement in capabilities. The IO Model is designed not to focus on the type or manufacturer of technologies, but instead focus on the capabilities outlined for each stage. An assessment of a company's technology adoption relative to the IO Model enables strategic discussions that focus on the business value of deploying new technologies and using the existing platform as a whole. Customers can optimize infrastructure across heterogeneous IT environments.

The IO Model is a continuum of four levels or phases of progressively higher technological maturity: Basic, Standardized, Rationalized, and Dynamic. These phases can be broadly defined as follows.

Basic

A typical company in the Basic phase has manual, localized processes, minimal central control, and limited or unenforced IT policies. Examples include:

• The Basic IT infrastructure comes at a high cost and is characterized by chaotic, ad hoc, reactive, manual operations. Service levels are low and business drivers are not used to set IT priorities.

• There is a general lack of knowledge regarding the details of the infrastructure that is currently in place or how to improve it. The overall health of applications and services is unknown, due to a lack of tools and resources.

• Infrastructure costs are high, largely due to high-touch and time-consuming software deployments and updates. Responding to security threats is a reactive process because there are no consistent security policies or management features.

Standardized

A company in the Standardized phase can be characterized as having a managed infrastructure that introduces operational controls through standards, policies, servers, and resources. Examples include:

• The Standardized infrastructure is centrally managed with some automation. IT operations remain primarily reactive, with some proactive processes to reduce short-term costs.

• Service levels are better than Basic but not optimal. IT makes decisions on behalf of the business based on its perception of business needs.

• Meeting regulatory requirements is difficult and costly for the IT department, because it is responding to and solving unforeseen technology incidents. There is no formalized process for the standardization and testing of applications, and identity management is not fully centralized.

• End users feel that the introduction of IT governance, standards, and procedures impose restrictions on their business flexibility and productivity.

• Compared to the Basic phase, there is more thorough support for rich collaboration tools, improved network uptime, and more continual access to mission-critical data meaning that the organization will experience an increase in productivity among employees and IT professionals.

Rationalized

A Rationalized infrastructure generally includes proactive processes, provisioning, and policies that have matured and begun to play a large role in supporting and expanding the business. Most importantly, the costs involved in managing desktop computers and servers are at their lowest. Examples include:

• The Rationalized infrastructure is a business enabler: security enhanced and well managed, with low complexity and high levels of automation.

• The use of zero-touch deployment helps minimize cost, the time to deploy, and technical challenges. The number of images is minimal and the process for managing desktop computers is very low touch.

• Rationalized customers have a clear inventory of hardware and software and purchase only those licenses and computers that they need. The IT department's primary challenge is to improve integration across implemented products and take advantage of the total value of those products.

• Security is extremely proactive with strict policies and control, from desktop computer to server to firewall to extranet.

• Compared to the Basic and Standardized phases, IT costs are substantially lower, because efficiencies increase through a centrally managed and monitored desktop environment, and improved security administration reduces the burden on IT resources.

• End-user productivity is significantly increased due to the flexibility provided by mobile options and the ability to collaborate across physical locations and time zones.

Dynamic

Customers with Dynamic infrastructures are fully aware of the strategic value that their infrastructures provide in helping them run their businesses efficiently and staying ahead of competitors. Processes are fully automated, often incorporated into the technology itself, enabling IT to be aligned and managed according to the business needs. Examples include:

• Costs are fully controlled; there is integration between users and data, desktop computers, and servers; collaboration between users and departments is pervasive; and mobile users have nearly on-site levels of service and capabilities regardless of location.

• The Dynamic infrastructure is a core strategic business asset, optimized for business agility and high service levels. It may have a higher cost profile than the Rationalized state, which is offset by its increased value.

• Company executives view IT as a strategic asset instead of a cost center, enabling an organization to be much more agile and better respond to business needs and competitive challenges. Additional investments in technology yield specific, rapid, measurable benefits for the business.

• The use of self-provisioning software and quarantine-like systems for ensuring patch management and compliance with established security policies enables the Dynamic organization to automate processes, thus helping improve reliability, lower costs, and increase service levels.

• New employees can be immediately productive, because the IT department can rapidly and proactively respond to end-user issues, and because of the end-to-end integration, automation, and management of data, desktop computers, and servers.

Benefits of Infrastructure Optimization

The IO Model from Microsoft helps customers understand and subsequently improve the current state of their IT infrastructures and what that means in terms of cost, security, risk, and operational agility. Dramatic cost savings can be realized by moving from an unmanaged environment toward an environment of fully automated management and dynamic resource usage. Security improves from highly vulnerable in a Basic infrastructure to dynamically proactive in a more optimized infrastructure. IT infrastructure management changes from highly manual and reactive to highly automated and proactive.

Microsoft and partners can provide the technologies, processes, and procedures to help customers move up through the IO Model. Processes move from fragmented or nonexistent to optimized and repeatable. A customer gains a greater ability to use technology to improve its business agility and deliver business value as it moves from the Basic state up the continuum toward a Dynamic state, empowering information workers and managers and supporting new business opportunities.

The phases of IO described previously are descriptive rather than judgmental. They represent an IT status that is specific to an organization's size, industry, and business model. It is rare to find a company with an infrastructure that completely fits into one phase, or a company that has fully realized a Dynamic state. For smaller companies, moving past the Standardized phase may not be appropriate because of the costs required to establish a more advanced infrastructure.

The reality in today's enterprise, however, is that many customers still run older technology, expend manual rather than automated infrastructure management techniques, and typically have not maintained their environments based on the software and technology upgrades available to them. In data profiling of more than 9,000 customer accounts, Microsoft has found that 61 percent are in a manual, reactive state of IT management and maintenance, and 36 percent have limited automation and minimal process and knowledge capture of the environment (still very reactive). Only 3 percent can be characterized as being driven by a well-managed, high-security infrastructure managed by a set of policies and operations with a current state of technology deployment and implementation.

Using the Application Platform Infrastructure Optimization (APIO) model, enterprises can evaluate and understand how to deliver a more flexible, scalable application platform. IT can provide the infrastructure, technologies, and tools needed to build connected and adaptable systems. Infrastructure will align more effectively with the business and present better business choices that add greater value to the company.

Technology can help a business keep pace with changes and meet the challenges of this new world of work. The Business Productivity Infrastructure Optimization (BPIO) model helps enterprises simplify how people work together, provides direction for securing and managing content, and enables workers to find information easily and improve business insight.

Position of Microsoft in the Continuum

The infrastructure at Microsoft has the benefit of access to a broad range of technologies and a business centered on the effective use of technology, but it lies primarily between Standardized and Rationalized. That it is well beyond Basic is not surprising, but its position in the middle levels serves to highlight the challenges that many businesses face when upgrading and centralizing technologies, and the need to establish a balance between current business requirements, investments, and returns.

Microsoft IT has been putting significant thought and effort into advancing itself along the IO Model scale, with a number of successes that may illuminate pathways for other enterprises to consider when planning their own steps forward in the IO Model.

The following sections of this paper look at examples of recent steps that Microsoft has taken to advance its infrastructure toward the mature end of the IO continuum, in the context of key capability areas within the core IO, APIO, and BPIO models. These sections are intended to provide examples of possible steps that organizations (in similar circumstances) might take to address certain IT issues or attain particular business objectives by using technology.

For reference, each capability section begins with a brief summary of what the capability would look like in an organization at the Rationalized or Dynamic phase of the optimization model because these are treated as goal phases for the purpose of this paper.

Core IO Model

The Core IO Model defines six capabilities that are required to build a more agile IT infrastructure. IO efforts at Microsoft have focused on these key infrastructure capabilities that, for Microsoft, drive the business value of technology:

• Desktop, Server, and Device Management. Describes how customers should manage desktop computers, mobile devices, and servers, as well as how to deploy updates, operating systems, and applications across the network.

• Identity and Access Management. Describes how customers should manage people and asset identities; solutions that should be implemented to manage and protect their identity data (such as synchronization, password management, and user provisioning); and how to manage access to resources from corporate mobile users, customers, and/or partners outside a firewall.

• Security and Networking. Describes what customers should consider implementing in their IT infrastructures to help guarantee that information and communication are protected from unauthorized access, while at the same time providing a mechanism to protect their IT infrastructures from denial attacks and viruses, and preserving access to corporate resources.

• Data Protection and Recovery. Provides structured or disciplined backup, storage, and restoration management. As information and data stores proliferate, organizations are under increasing pressure to protect that information and provide cost-effective and time-efficient recovery when required.

Desktop, Server, and Device Management

An organization that has a Rationalized or Dynamic IT environment in Desktop, Server, and Device Management has a managed environment with a high degree of automation for migrations and refreshes, client and server firewall mitigations, system monitoring, or server operations. Hardware and software are readily inventoried, and there is automated, centralized management of the reference image system.

Desktop, Server, and Device Management typically gives IT professionals three main components to manage: images (sections of random access memory (RAM) that have been copied to another memory or storage location), updates, and software. Ideally, the number of images is kept to an absolute minimum. The business of Microsoft requires that multiple versions of the operating system are in use across the enterprise. Most developers work with the current version in addition to some previous and upcoming versions, for compatibility and in-environment testing and to help ensure that they are coding to accommodate each possible version that users may employ. Historically at Microsoft, there are five images maintained per operating system and four active operating system versions, giving a total of 20 images. (For comparison, one Microsoft customer, a Fortune 50-level manufacturing company, has as many as 60 images.)

Microsoft IT has built a number of tools to apply to all images at once, regardless of hardware, enabling it to apply software updates to images whenever necessary. Microsoft IT recognizes that there may be cost savings by reducing to one image, but it maintains that smart use of its five images saves costs. One example is that images enable a threshold on issue resolution time. If support cannot resolve an issue in a company computer within two hours, Microsoft IT just removes the software, puts in a new image, and restores the computer's data, rather than continuing to expend time and effort on the problem.

Although security updates are often described as an irritation outside Microsoft, within the company, they are essentially transparent and relatively rare. Many organizations have up to 100 updates yearly, but Microsoft, in 2005, had 10 update events (that is, its monthly update cycle). Updates at Microsoft are managed through a highly automated system centered on Microsoft® Systems Management Server (SMS) 2003, which applies all updates concurrently to images, which themselves are versioned. SMS tests update compliance by quarantining every new network access request until it checks the updates on the requesting computer. Any updates that are missing are logged to be included in the next SMS update. This system has enabled Microsoft IT to move from a reactive condition in which it did not always know which computers were or were not patched, to a process that keeps workflow spikes flattened and service levels high, while keeping individual computers patched and running smoothly.

SMS also contributes to software distribution, but it is the combination of SMS with Microsoft Operations Manager (MOM) and the Active Directory® directory service that helps Microsoft move this task toward the Rationalized phase. Microsoft uses SMS throughout its environment for software distribution, with additional scripting to increase the level of automation of everything from data collection to reporting. The system not only searches the network for updates as described previously, but also handles compliance monitoring, including security or policy settings, and asset management, which is tracking which computers meet hardware requirements and standards for the business group that is using it. This system provides Microsoft IT with real-time information on the network environment, which enables more effective use and management of network resources.

Microsoft has employed MOM for system monitoring since it was released in mid-2001. However, its monitoring systems were not rationalized in several places. Until deployment of MOM 2005, the Microsoft event management system was monitored on two consoles—one covering the network and the other covering the servers—each with proprietary software that Microsoft IT custom-wrote to augment its back-end monitoring structure. Working these consoles required a specific skill set and a high degree of training. Two or three analysts per shift, 24 hours a day, staffed the consoles to distinguish between the various alerts (reports of potential issues) and determine which were significant enough to merit support time.

MOM 2005 Connector Framework enabled Microsoft IT to track all network events from one centralized console, requiring only one support technician and reducing custom-software support costs by $100,000 U.S. per year. Not only is status information throughput now higher, but the user interface with MOM 2005 gives out-of-the-box support to assign and track tasks, scripts, and general triage. The MOM user interface resembles Microsoft Office Outlook®, enabling easy management without specialized training. Microsoft IT can therefore staff the control center with a lower level of support, such as vendors, rather than highly paid engineers, which reduces headcount and associated costs.

MOM also enables integration of the ticketing system with the console. This means that ticket creation can occur from the console, which reduces administrative overhead and standardizes the ticket coding, enabling cleaner metrics for the ticketing system.

Additionally, Microsoft IT is consolidating MOM into a centrally managed infrastructure, reducing the number of MOM servers from 27 to 15. This consolidation will enable even greater cost savings and error reduction, and it will help to further increase monitoring effectiveness.

Identity and Access Management

An enterprise that has Identity and Access Management in a Rationalized or Dynamic phase features Active Directory Group Policy and security templates to manage desktop computers for security and settings, tightly managed desktop computers, and centrally managed user provisioning across heterogeneous systems.

Microsoft IT has employed IP security (IPsec) for many years for domain isolation, meaning setting standards for access rights to protect sensitive group information—for example, keeping human resources or legal servers closed to employees who are not in those groups. IPsec can be especially useful for this, because it enables virtual private networks (VPNs) and remote user access through dial-up connections to private networks.

In the Microsoft environment, however, access issues remained for network users going across domains, because each domain often required a password. The situation, although challenging, was far less so than at other companies: Some industry estimates show enterprise customers averaging 12 external user IDs and passwords to manage, costing employees a total of 15 to 20 minutes per day in password management, and often leading to passwords jotted onto paper that can be seen by others or lost.

Microsoft has deployed a number of tools and services that reduce password and access issues. For example, some cross-domain access was simplified with Microsoft Windows Server® 2003 R2 Active Directory Federation Services (ADFS), which enables sign-on and authentication to other domains through a single password. This capability not only helps restore productivity time previously lost to password management, but it also offers Microsoft $100,000 in savings per year in reduced Helpdesk costs spent researching and resetting passwords. Additionally, reduced authentication points results in a smaller network attack surface; that is, there are fewer spots through which attackers may access the network.

Security and Networking

The Rationalized and Dynamic phases in Security and Networking describe an IT environment that provides a security-enhanced, reliable connectivity solution for the company's mobile workforce inside and outside the corporate campus. The environment has centralized and automated management of critical elements such as application and image deployment, server operations, security event correlation, and security updates and firewall mitigations for clients and servers.

In addition to the monitoring efficiencies mentioned previously, MOM 2005 has enabled more efficient handling of reported security events. In 2004, for every 20 alerts reported, only one was deemed sufficient to issue a support ticket, and around 28 percent of the tickets were determined to be no real problem. By adjusting processes in addition to using the automated ticketing capabilities of MOM 2005, the alert-to-ticket ratio is now below 3 to 1, saving hundreds of hours spent yearly in needless event triage, ticketing, and routing. Part of this benefit is because MOM helps control center analysts pinpoint problems faster. It helps eliminate false alerts—that is, multiple issues coming from one source—thereby putting the analyst more quickly involved in actual support issues. The result is a reduction both to false alerts and to the total alert volume, which gives analysts even more time to focus on legitimate issues and keeps costs down.

Microsoft IT also implemented SMS and Microsoft Baseline Security Analyzer (MBSA) version 1.2, which together provide a 25 percent savings in vendor Helpdesk costs and more efficient deployment of software updates. The update process previously required up to 10 business days, and it now takes no more than four business days—it is often accomplished in one day. Microsoft is also seeing security benefits from deployment of Audit Collection Services, which will be integrated in MOM 2007. Audit Collection Services makes it possible to collect and store security event logs on all critical assets.

To further increase its Security and Networking capabilities, Microsoft is also deploying its new Network Access Protection (NAP) platform, currently in beta testing for release with Microsoft Windows Vista™. NAP uses a combination of policy validation and network access limitation components to control network access or communication, based on administrator-defined standards of system health. NAP helps ensure that the accessing computers use up-to-date software and meet policy requirements.

Data Protection and Recovery

A Rationalized or Dynamic environment in terms of Data Protection and Recovery features self-managed backup and restoration on all servers and desktop data with service level agreements (SLAs), storage area network (SAN) backups with hardware (data) snapshots, and disk-to-disk data transfer technology.

Microsoft IT estimates that it must back up more than 1,800 petabytes (1.8 million gigabytes) every month across the company, of which 11 percent is in its 115 branch offices around the world. In addition, Microsoft IT predicts internal data growth of 30 percent per year. Like many companies, Microsoft has historically backed up its data on tape media, a generally efficient methodology for long-term retention and off-site storage, but sometimes inefficient and unreliable for short-term storage. The annual failure rate of tape drives at Microsoft is around 17 percent. Industry analysts say that more than 40 percent of companies have had tape restorations fail because the data was not correctly written to tape, was corrupted, or was in other ways unusable. Microsoft IT encounters about 16,000 errors among the 400,000 backup jobs in a typical month, across almost 5,000 servers.

Microsoft IT is transitioning its branch offices to Microsoft System Center Data Protection Manager (DPM), a disk-based backup solution that centralizes backup, reduces backup errors, and reduces the resources needed to manage backups. DPM eliminates the need for tape equipment (and attending staff) at branch offices, reducing those costs by $300,000 per year, plus additional savings of $50,000 at each branch office normally spent on off-site tape storage. The ability to use off-the-shelf hardware also enables cost savings: Microsoft IT estimates a savings of $2.7 million in the first two years of using DPM. Most significantly, however, the window of restoring data to the business-critical systems is tremendously smaller—this is critical because an enterprise can lose thousands of dollars every minute its system is down. Previously, Microsoft IT's restoration of backed-up data took up to eight hours, but with DPM, data is streaming back to target servers in minutes.

Application Platform IO Model

Following the APIO model can help grow business through five key areas of investment. APIO efforts at Microsoft have focused on these key infrastructure capabilities that, for Microsoft, have helped align IT with business goals:

• Business Intelligence Describes the business intelligence infrastructure that ties information together across an organization. A single framework can remove barriers to finding and using data, which helps people throughout the organization to collaborate and make informed decisions.

• Data Management. Describes infrastructure strategies and management processes that help companies of all sizes store (according to security guidelines) and manage ever-increasing amounts of data from disparate sources. It can also help ensure that business-critical systems and applications stay running.

• Software Development. Describes the integrated development environment for all types of development, including Microsoft Windows®, Microsoft Office, Web, and mobile applications. Helps an organization respond to business priorities by offering the right level of visibility, collaboration, and control within the software development process.

• Service-Oriented Architecture and Business Process Management. Provides proven best-practice guidance on how to establish and manage flexible, repeatable, and connected business and IT processes within a service-oriented architecture.

• User Experience. Describes what organizations should consider implementing in their IT infrastructures to help guarantee superior user experiences that drive employee productivity, customer loyalty, and business growth.

Business Intelligence

An enterprise that is moving toward higher maturity levels uses performance management, reporting and analysis, and data warehousing to establish a common overview of the company's business processes. The enterprise also provides qualitative and quantitative benchmarks to measure and track enterprise efficiency and to improve planning and forecasting. It can tie together financial, operational, sales, and human resources information to help people make better-informed decisions. The technology that supports business intelligence spans across APIO and BPIO.

The Microsoft Business Intelligence platform is built on Microsoft SQL Server™ 2005 and is delivered through the 2007 Microsoft Office system. It includes analytic applications; scorecards; dashboards; reports; analysis; data mining; online analytical processing (OLAP); extraction, transformation, and loading (ETL); and data warehousing.

However, a key challenge for users was the lack of a central, easy-to-use integration point for hosting so many different types of reporting solutions, and Microsoft wanted to develop a solution to bolster the company's internal business intelligence initiatives. To extend the impact of its reporting and analysis tools, Microsoft IT created a centralized user-interface platform that enabled users to view reports, scorecards, key performance indicators (KPIs), multidimensional analytics, and other metrics without having to move from one reporting site to another.

Microsoft Office SharePoint® Server 2007 provided the foundation for a centralized portal. SharePoint Server 2007 Web Parts simplified the integration of the different reporting elements, including the Reports Catalog, Microsoft Office Business Scorecard Manager 2005, SQL Server 2005 Reporting Services, and SQL Server 2005 Analysis Services. By using Active Directory to apply role-based access across all integrated reporting solutions, the portal gives users a seamless sign-on experience and removes the complexity of logging on to multiple sites and services to gather data.

By establishing a common overview of the company's business intelligence, these tools enhance user productivity, provide an instant view into the business with effective scorecard and dashboard creation tools, and give users the ability to drill down into report details by integrating rich data-analysis tools. The company has gained improved business insight and the ability to identify and take action on problems and opportunities more quickly companywide.

Data Management

A Rationalized or Dynamic environment in terms of Data Management features technology that increases timely access to important information from a vast array of applications, systems, and tools.

One of the first places where Microsoft employees look for support information—for example, to purchase equipment or find help with a technical problem—is the internal ITWeb site. In a single day, thousands of employees use ITWeb for help in solving problems. On the average, ITWeb receives 9,000 page requests per day, making it one of the most highly used internal sites.

Microsoft needed to improve the user experience with ITWeb because the existing solution, based on Microsoft Content Management Server (MCMS) 2002, made the process of creating, maintaining, and locating data, information, and content too difficult. Although that solution met the business requirements when Microsoft IT first implemented it, the growing need for improvement in the services provided by ITWeb necessitated an update of the site's functionality.

By migrating ITWeb to a SharePoint Server 2007-based solution, Microsoft IT improved the user experience and increased timely access to the important support information that employees need. The ITWeb site now provides more personalized content to users, improved search features, improved content creation, and streamlined workflow. The new solution also requires less support effort, and the migration required minimal or no customization.

Users can search information stored in a variety of content sources (not only the content stored in SharePoint Server 2007). These content sources are products and technologies that store content that SharePoint Server 2007 will index. The content sources that can be indexed and searched include other SharePoint Server 2007, Microsoft Office SharePoint Portal Server 2003, and Microsoft Windows SharePoint Services 2.0 sites; shared folders; Web site content; and Microsoft Exchange public folders.

Software Development

An organization in the Rationalized or Dynamic environment uses a common development framework and integrated software development tools for teams to create dynamic, data-driven applications to run an organization of any size, while at the same time providing managers with more predictability and visibility into their development life cycle.

Before the implementation of Microsoft Visual Studio® 2005 Team System, the Microsoft OEM Division's IT Center of Excellence (OEM IT) was in the situation of many software development organizations. It used a set of separate, internally developed tools for work item tracking, version tracking, defect tracking, test case management, and build management. It also used a stand-alone product for source control. These tools operated on separate servers, were not highly integrated, and were difficult to manage. The disparate architectures and infrastructures made integrating these systems difficult.

Microsoft IT uses Visual Studio 2005 for a single, fully integrated development environment for all types of development, including Microsoft Windows, Microsoft Office, Web, and mobile applications. Development teams use their existing skills to create applications that can be used throughout the organization. To bring automation, integration, and collaboration to the entire software development life cycle, OEM IT implemented Visual Studio 2005 Team System. This client/server system consolidates project management, work item tracking, code source control, build and test environments, and bug tracking. Automation of numerous administrative tasks saves the team time and money in software development projects.

The Microsoft application platform can meet the diverse requirements of individual professional developers and development teams. The platform includes delivering a variety of editions tailored to specific needs to support the most reliable and scalable Web platform with Internet Information Services version 6.0 and Microsoft ASP.NET version 2.0, as featured in the Web Deployment Projects add-in. By providing support for the development process from design to deployment through Visual Studio 2005 Team System and Microsoft .NET Framework integration, Microsoft IT has established a common development framework.

Service-Oriented Architecture and Business Processes

An organization that has a Rationalized or Dynamic IT environment in SOA and Business Processes connects disparate systems and processes to help the business to respond in real time to customers, partners, and a changing business climate. A key aspect of this solution is the Microsoft SOA capabilities.

The Microsoft Entertainment and Devices Division required a business integration and intelligence framework that would facilitate both application integration and the exchange of business documents between internal and external sources. Additionally, the Entertainment and Devices Division required the framework to be able to seamlessly exchange data by using the SAP R/3 Enterprise Resource Planning (ERP) system that Microsoft uses. This dynamic business relationship between Microsoft and its external partners required a solution that would be agile and adaptive.

Microsoft IT deployed Microsoft BizTalk® Server 2006 together with Microsoft BizTalk Adapter v2.0 for mySAP Business Suite to help the Entertainment and Devices Division create a business integration and intelligence framework that facilitated application integration and process management for business documents. The BizTalk Server 2006 solution provided an integration platform that seamlessly integrated systems by using manageable business processes that can be automated and that can flexibly correlate business documents.

Combined with BizTalk Adapter v2.0 for mySAP Business Suite, SAP R/3 ERP system integration solutions require no development code to transport the Intermediate Document (IDoc), Business Application Programming Interface (BAPI), and Remote Function Call (RFC) SAP R/3 ERP system schema types for both incoming and outgoing business documents in BizTalk Server 2006.

With the deployment of the business integration and intelligence framework, the Entertainment and Devices Division achieved a flexible, reliable, and scalable integration solution that is easy to maintain. Both operations and business users have gained central real-time visibility into the supply-chain management processes that are required to manufacture the Microsoft Xbox 360™ console. Additionally, by using BizTalk Adapter v2.0 for mySAP Business Suite, the Entertainment and Devices Division seamlessly integrated new business processes quickly with the central SAP R/3 system without custom coding.

Business Productivity IO Model

The BPIO model maps an organization's level of infrastructure optimization and provides guidance for optimizing IT infrastructure assets to better realize the full value of IT infrastructure investments, across three key capability areas:

• Unified Communications and Collaboration. Describes infrastructure technologies that customers should consider deploying to help guarantee that information and communications are protected from unauthorized access and to continue to enable authorized network access. This capability also includes pervasive messaging, workspaces, portals, mobility, voice, and conferencing capabilities that simplify how people work together.

• Enterprise Content Management. Describes how customers can manage information and processes by using forms, documents, records, and Web content management and search technologies.

• Business Intelligence. Describes the reporting, analysis, scorecards, dashboards, advanced analytics, ETL, data mining, and data warehousing technologies that improve business insight and drive business performance.

Unified Communications and Collaboration

An enterprise that is moving its messaging toward higher maturity levels provides security-enhanced, reliable connectivity for a distributed workforce. The enterprise also provides security and policy enforcement on mobile devices, provides integrated spam and virus protection for Web-based e-mail and for mobile devices, enables connections that do not use VPNs, and more.

In the capability category of Unified Communications and Collaboration, Microsoft falls within the Rationalized phase due largely to the combination of Microsoft Internet Security and Acceleration (ISA) Server 2004, Microsoft Office Outlook Web Access, and Microsoft Exchange Server 2003 SP2, along with Windows Mobile® version 5.0, Messaging & Security Feature Pack (MSFP), Microsoft ActiveSync®, and Microsoft Antigen. The messaging system at Microsoft is centered on the Exchange platform, and for the purposes of this document, can be considered to have three focus areas: security, message hygiene, and compliance.

One major issue that Microsoft faced with messaging security in the Standardized phase was an absence of policy control—users were given personal identification numbers (PINs), but they were rarely, if ever, used. Today, policy is enforced by MSFP, an extension of Windows Mobile 5.0. MSFP has tools that enable network administrators to control policies remotely, refresh them every few hours, enforce password length and strength, and more. MSFP can lock a device after too many incorrect attempts to enter a password, or it can do a remote wipe to clear data and credentials from a device reported lost or stolen.

Message hygiene refers to keeping out spam and malicious code (such as viruses). In the Standardized phase, Microsoft IT used a third-party antivirus application that was not optimally integrated with Exchange. The application included a single-layer spam control that filtered the messages that showed the most obvious signs of spam. Microsoft IT now uses Exchange Server 2003 SP2, which has antispam filtering out of the box, in addition to Intelligent Message Filter, a custom word list, a real-time block list, Sender ID, and a phishing filter. The Antigen message filter application has multiple scanning engines that inspect every message, greatly improving the detection rate.

Compliance with regulatory requirements—keeping message content only between the sender and the intended recipient—was sporadic in the Standardized phase. As in most companies, bulk messages were transmitted in clear text, and the sender decided when a message was sensitive enough to be made more secure. Microsoft has now raised the security standards for all messaging transactions: All messages within the company, and between Microsoft and selected partners, are always sent over encrypted transport. The company opted in this case for assurance, rather than extra messaging functionality. The better business value, in the view of Microsoft, came from helping to ensure that security needs were met end to end.

An employee survey found that real-time communication at Microsoft, enabled by the deployment of Microsoft Office Live Communications Server 2005 and Microsoft Office Communicator 2005, eliminates productivity delays and saves employees more than one hour per person per week. This represents a 3 percent improvement, leading to as much as $48 million per year in productivity benefits for the company.

Through Active Directory integration, the Live Communications Server 2005 deployment was reduced from 19 servers to 15, which includes five servers for new functions such as federation, load balancing, and database servers. With the deployment of these solutions, Microsoft IT has provided a more secure internal and remote access that is easier to set up and manage. URL and attachment filtering provide a more secure instant-messaging environment. The communications and collaboration systems are now more available and more scalable, and they achieve higher performance in a two-tier server farm configuration.

Enterprise Content Management

An enterprise that is moving its Enterprise Content Management toward higher maturity levels provides the capability to help protect and manage vast reserves of unstructured content—such as e-mail, media files, and Web pages—so they can be used as strategic assets to drive overall business growth.

The Microsoft internal InfoWeb site was created as a central portal for key content and data across a spectrum of areas, including products, technology, partners, programs, competition, segments, and verticals. The repository, built on Office SharePoint Portal Server 2003, supports about 40,000 unique visitors each month and has become an essential resource for employees across the enterprise.

Microsoft IT was eager to expand the previous implementation of SharePoint Portal Server 2003 to offer even more benefits and greater functionality to users, enabling it to offer a more complete content management system that would drive overall business growth. The InfoWeb team needed an easier way for internal product teams and other stakeholders to stage and review content before publishing it to the site. The team also required a more efficient way to control release dates. Additionally, Microsoft IT saw growing requests from users for the ability to perform basic business intelligence queries and configure KPIs when working with market data and other information resources. Users were also requesting Really Simple Syndication (RSS) support so they could easily subscribe to and receive notifications about content updates that mattered to them.

Powerful workflow management features in Office SharePoint Server 2007 now enable the InfoWeb solution to expand to meet growing requests for an optimized publication and review process with more control over the release and updating of information. Integration with customer relationship management and sales databases, along with business intelligence capabilities, increases the value of this vital tool and the productivity of the employees who use it.

Microsoft IT has implemented content authoring and management across its entire enterprise. By using the Enterprise Content Management feature in SharePoint Server 2007, users have gained new client-side tools that improve authoring of content. Content authors across marketing, operations, development, and other divisions have a better representation of how content will appear on their sites than before. Site creation tools like templates enable users to create sites and post content to them, Users can also make changes to the style, layout, and user interface of a site (through cascading style sheets).

Content authors and administrators can also set content expiration dates and decide ahead of time whether the content should be archived when it expires. This ability helps reduce the content management efforts. Additionally, new workflow features of SharePoint Server 2007 enable the creation of complex workflow processes through minimal (or no) end-user development effort. Employees can share their ideas and projects with other employees by using the collaborative features of SharePoint Server 2007.

Business Intelligence

An enterprise that is moving toward higher maturity levels uses performance management, reporting and analysis, and data warehousing to establish a common overview of the company's business processes. The enterprise also provides qualitative and quantitative benchmarks to measure and track enterprise efficiency and to improve planning and forecasting. Business intelligence ties together financial, operational, sales, and human resources information to help people make better-informed decisions. The technology that supports business intelligence spans across APIO and BPIO.

The reporting environment for Microsoft, including the sales division's MS Sales revenue reporting system, was previously based on Microsoft SQL Server 2000. Consisting of ad hoc reporting applications and a variety of independent, custom-built tools that generated standard reports, the reporting environment met the needs of the company at first. Over time, however, users began to experience performance issues.

A performance analysis showed that nearly nine percent of queries in the MS Sales reporting system took more than 20 minutes to return data from the data-mart. The absence of a robust, scalable business intelligence solution also meant that a significant amount of developer and IT resources were involved in supporting the changing business reporting needs of the numerous business groups at Microsoft that access revenue information in MS Sales. Support and maintenance costs were disproportionately high.

To create a standardized and flexible reporting platform that would scale to include not only Business Unit IT departments in Microsoft IT but also other groups in the company, Microsoft IT developed and implemented the Centralized Reporting System (CRS) application. CRS is a BI solution that uses SQL Server 2005 Integration Services (SSIS) to act as its ETL component.

The CRS implementation has provided several benefits to Microsoft IT. First, by using SSIS packages, developers can easily implement metrics calculations and save significant development time. Ties with the Microsoft .NET Framework version 2.0 give Microsoft IT developers more controls to customize data calculations. Additionally, because Microsoft IT developers are more familiar with the.NET Framework than with a third-party ETL solution, they are able to implement these metrics calculations quickly.

SSIS enabled Microsoft IT to expand the reporting capabilities of CRS over the capabilities of the former reporting application by enabling reporting access to historical data. SSIS packages run concurrently, reducing data reprocessing by 80 percent. Additionally, by reducing the number of independent reporting applications across Business Unit IT departments and by creating a standardized reporting platform, Microsoft IT expects to experience reductions in support costs over a three-year period. Microsoft IT estimates savings of approximately $170,000 per year in staffing requirements, $50,000 per year in server hosting costs, and $2,000 per year in server costs related to independent reporting servers.

Value of Infrastructure Optimization

The experience of Microsoft within its own IT environment, and the company's observation of customer enterprises, suggest a significant business value from IO. The benefits that an organization can achieve include:

• Simplified infrastructure andmanagement. Faster return on investment (ROI) through more targeted IT spending and increased end-user productivity.

• Reduced cost and complexity. Lower TCO by streamlining operations, eliminating waste, and reducing the cost of deploying desktop computers.

• Security. Improved platform for delivering a more secure, well-managed IT services portfolio to the desktop computer.

• Improved productivity. Increases in worker productivity resulting from the use of information sharing and collaboration technologies.

• Interoperability. Better integration across the application platform for new levels of productivity and effectiveness.

• Amplified impact for workforce. By using the APIO Model and the BPIO Model together, Microsoft focuses its IT investments to drive innovation, smart decision-making, and better customer relations.

For Microsoft IT, considering productivity, cost, and security helps to define consistent criteria for technologies that are critical to an optimized and effective IT infrastructure that will continue to align with the overall, long-term business requirements at Microsoft. At the same time, Microsoft IT is committed to helping other organizations benefit from its firsthand experience with new technologies, and it offers guidance on how to integrate technologies into a large, complex IT infrastructure.

For the customer who is thinking about how the IO Model can help his or her organization, critical aspects to consider include what major IT pain points the organization hopes to solve, and what business value the organization holds as the most significant.

Microsoft has been driving toward a well-managed infrastructure for some time. From that experience, Microsoft believes that the IO Model can help companies take a long-term, strategic view of their IT infrastructures. The model offers a broadly applicable roadmap to help address today's IT challenges, and to link capability and maturity improvements to business needs. That will help organizations to maximize IT investments, sustain improvements in productivity, and sustain reductions in TCO.

Next Steps

Companies should also identify critical pain points within each of the capability areas for the stage they want to attain.

You can view a slide show on the infrastructure optimization journey (PowerPoint file, 14.3 MB) to learn more about how to optimize your infrastructure and reduce costs. To read white papers and assess your IO stages go to: www.microsoft.com/io

The following real-world examples illustrate the use of IO among Microsoft customers:

• Brembo. Find out how a leading brake system manufacturer consolidated resources in a new architecture to increase collaboration and drive innovation in the planning and production of high-performance products.

• TÜV NORD: Find out how a leading certification firm aligned technology with business growth, increased productivity, and cut IT costs by 47 percent by using IO.

• HSBC Mexico. Learn how HSBC Mexico brings new financial service software to market more quickly, cut IT travel costs, and improved system management by implementing a centralized solution based on the Windows Server 2003 operating system.

• University of Iowa. See how productivity of the university's IT staff increased 60 percent through the implementation of a desktop management solution.

• Comision Nacional Agua. Learn how a new IT Infrastructure gave the National Water Commission better manageability and helped boost revenue.

For More Information

For more information about Microsoft products or services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada information Centre at (800) 563-9048. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information via the World Wide Web, go to:

http://www.microsoft.com

http://www.microsoft.com/technet/itshowcase