Product Reviews

Microsoft's System Center Suite

An in-depth review of each System Center component shows the overall product is more like a collection of similar applications than a suite.

Management and monitoring of computers and servers, both physical and virtual, is essential for businesses. Choosing the best tool can be tricky, as there are many applications available to do the job. Microsoft touts the System Center (SC) suite as an integrated management package for businesses of all sizes. SC is made up of Configuration Manager 2007 R2, Operations Manager 2007 R2, Essentials 2007, Data Protection Manager 2007, Virtual Machine Manager 2008, Mobile Device Manager 2008 and Capacity Planner 2007. Service Manager for HelpDesk is a forthcoming application. Here, we'll look at each component of the suite in detail.

System Center Configuration Manager 2007 R2
As the name suggests, System Center Configuration Manager (SCCM) collects hardware and software inventory from all managed nodes and stores it in a SQL Server database. It also distributes and installs applications, patches applications automatically, meters software license usage and provides configuration management with auditing.

SCCM 2007 includes all the functionality of its predecessor, System Management Server (SMS) 2003, but in a package that's more scalable and easier to implement. It also adds Desired Configuration Management (DCM), Network Access Protection (NAP) integration and Wake on LAN (WOL).

DCM lets users establish a configuration baseline for a particular type of server and flags any deviation from that baseline. NAP in Windows Server 2008 ensures the health of clients connecting to the network; SCCM plugs into NAP and provides the remediation server when a client needs patches. WOL should prove popular in green enterprises: With WOL, SCCM can wake up selected computers during non-office hours, install patches and updates, and then turn the computers off again. With Internet-based client management, SCCM lets IT manage laptops on the go as if the machines were in the office, eliminating the need for clunky VPN connections.

New in R2 is support for running sequenced applications created by the Microsoft Application Virtualization Platform. This functionality requires Service Pack 1 of the SCCM client software, as well as the Microsoft Application Virtualization Desktop 4.5 client. R2 monitors Forefront Client Security using a new configuration pack and uses DCM to audit Forefront for compliance with service-level agreements (SLAs).

SCCM can boot unknown computers in a pre-boot execution environment, deliver an operating system image that includes the SCCM client software, and automatically assign those computers to a group. Multicast OS deployments are available in R2 as long as Windows Deployment Services is running on Windows Server 2008. This function can save considerable bandwidth during simultaneous rollouts of many client computers.

SCCM manages virtual machines (VMs) as easily as it handles physical boxes, but it's a Microsoft-centric product. As such, it offers little for controlling the configuration of any other platforms.

System Center Operations Manager 2007 R2
Compared to SCCM, System Center Operations Manager (SCOM) has a broader scope of capabilities. Microsoft, in an effort to persuade more large businesses to use the SC suite exclusively, has included monitoring of Unix and Linux environments in SCOM. Supported operating systems include HP-UX, Sun Solaris, Red Hat Enterprise Linux, SuSE Linux Enterprise Server and IBM AIX 5L version 5.3.

SCOM is unbeatable for monitoring the health of a Microsoft IT infrastructure. Management Packs (MPs) are essential for this deep insight. No Microsoft server product is released to manufacturing without the corresponding MP being available. The knowledge and automatic troubleshooting capabilities built into these MPs can be invaluable in a troubleshooting situation. Aside from Microsoft MPs, there are also third-party offerings available for monitoring: Brocade's SAN, Oracle's Siebel CRM and BI, Tripwire, SAP Monitoring, Citrix XenApp; hardware from Hewlett-Packard Co., Dell Inc. and IBM Corp.; and Cisco routers and switches, among other systems. Quest Software Inc. offers MPs that cover many non-Microsoft applications, including Apache Web server, BlackBerry Enterprise Server, IBM Lotus Domino, and all popular distributions of Linux and Unix.


[Click on image for larger view.]
System Center Essentials 2007 is the smaller sibling of Operations Manager, but it's surprisingly capable.

Audit Collection Services collect and store security event logs for auditing and compliance purposes; SCOM ships the logs in near real-time to a central server. New to the system is end-to-end service monitoring using a Simple Object Access Protocol-based XML language called System Definition Model; IT can use this to build and monitor models of IT services.

New in SCOM R2 is a service-level dashboard that plugs into SharePoint and gives visual feedback on SLAs. A new Visio plug gives the ability to have "live" network diagrams with up-to-date health information. There are also connectors to link SCOM to Tivoli Enterprise Console and HP OpenView Operations to allow for alignment of state and alert information across monitoring systems.

What hasn't changed in SCOM from the previous version of the application, Microsoft Operations Manager 2005, is the ability to tweak alerts. Fine-tuning rules so that important alerts aren't drowned out by floods of less-important signals can still be very time-consuming.

System Center Essentials 2007
In midsize businesses with fewer than 30 servers and 500 clients, management and monitoring is no less critical than it is in larger businesses. However, smaller organizations often lack the budget and expertise to fully implement SC components. System Center Essentials (SCE) is the answer -- at least for Microsoft's product family -- as it combines the application, installation and patching functionality of SCCM with the monitoring capability of SCOM in one integrated, easy-to-install package.

A less-publicized option is to use SCE for outsourced management and monitoring. In this model, SCE is installed at each client's site and configured to talk to a SCOM server at the company's Network Operations Center over an SSL link (no VPN necessary). A special Service Provider MP segregates the monitoring of each client, and SCE provides custom SMB reports showing availability; highlights the top management issues; and details the time spent solving those issues.

System Center Virtual Machine Manager 2008 R2
With all major server virtualization players on the market now offering their platforms for free, the competition for business dollars has moved to management. System Center Virtual Machine Manager (VMM) is a very capable product. It manages Microsoft Virtual Server and Hyper-V as well as VMware's vCenter (formerly Virtual Center) and ESX Server. A library stores offline VMs, virtual hard disks, ISO files and scripts, as well as VM templates. VMM converts physical servers to VMs with the built-in physical-to-virtual feature, which is easy to use as long as the source server is a Windows Server. Intelligent Placement is another standout feature; it suggests the best physical host for a given VM based on performance data and load. SCOM, when installed, uses historical data for this task.

The integration with SCOM doesn't end there, however: Physical Resource Optimization (PRO) monitors both hosts and guests based on administrator-defined policies, and can flag issues for attention or automatically take action. Actions could include moving a VM from one host to another with VMotion or Live Motion, or starting another VM to share the load.

New in R2 is support for Hyper-V in Windows Server 2008 R2, including the new Live Motion feature. This feature allows the transfer of VMs from one physical host to another in a cluster with no loss of service for clients. The new Cluster Shared Volumes feature lets IT store multiple VMs on a single Logical Unit Number. The Offline Virtual Machine Servicing Tool 2.0 integrates with SCCM to automatically start offline VMs at regular intervals to make sure they're up-to-date with the latest patches.

The built-in support for managing VMware's platform makes sense for environments that use both platforms, but be aware that you need to keep vCenter around: VMM manages ESX hosts through it. VVM is a capable, easy-to-use product and a must for managing more than a couple of Microsoft virtualization hosts.

System Center Data Protection Manager 2007
Disk-based backup is becoming more popular, with tape being more and more relegated to long-term archiving. Data Protection Manager (DPM) is designed to be the best and most user-friendly data-protection tool for Windows file servers, Exchange, SQL Server, SharePoint and VMs in Hyper-V and Virtual Server. IT can use DPM for disk-to-disk, disk-to-disk-to-tape and disk-to-tape solutions. Gone are the days of nightly backups; today's enterprises need more frequent protection, so DPM offers 15-minute intervals as the shortest time for recovery points.

Microsoft put great effort into making DPM easy to use. IT folks can select storage groups in Exchange and farms in SharePoint to protect. When they have to recover data, they can select individual mailboxes or files to bring back. A DPM server at a company's headquarters can protect branch offices (initial backup can be done via removable media), and bare-metal restores are possible if an entire server is lost. DPM integrates with previous versions and allows self-service restores for end users. IT can configure one DPM server to protect another one, perhaps in a remote DR site.

For Microsoft server workloads, DPM is unbeatable. In heterogeneous environments, an enterprise backup solution can protect DPM and other workloads while letting DPM do its tasks. No third-party backup solution comes close to offering the deep integration with Microsoft's server applications that DPM offers.

System Center Mobile Device Manager 2008
Mobile Device Manager (MDM) puts Windows Mobile (6.1 or later) devices in Active Directory and allows Group Policy to manage them and Windows Server Update Services to patch them. Over-the-Air provisioning is useful: An administrator generates an enrollment PIN and gives it to the user. Using an enrollment wizard with the PIN on the phone, the user enters an e-mail address, and Mobile Device Manager finds the right server automatically and creates an AD object. Digital certificates secure future communication.

The device is linked via a VPN to the intranet, and IT can use Group Policy to lock down what apps can or can't run on it, and whether cameras, Bluetooth or SMS will be allowed.

MDM is a product for the future, as it only manages new Windows phones. As a result, it will likely have a hard time gaining market share.

System Center Capacity Planner 2007
This free tool is great for implementing Exchange 2007, Office SharePoint 2007 or SCOM 2007. Inputing all planned hardware, number and types of users, sites and WAN topology into Capacity Planner yields reports listing transaction times and bottlenecks, as well as visual diagrams that can be exported to Visio.

System Center Service Manager
Scheduled for release in early 2010 is the final piece of the puzzle, Service Manager. It'll offer a Help Desk interface that's easy to customize and use, and which will be the central point for service management across the SC products. Service Manager will be built upon Microsoft Operations Framework and Information Technology Infrastructure Library best practices guidance. An end-user Web front-end will be part of the product, as will a Configuration Management Database and a Knowledge Base.

REDMOND RATING
Installation 20%
8.0
Features 20%
10.0
Ease of use 20%
8.0
Administration 20%
10.0
Documentation 20%
10.0
Overall Rating:
9.2

Key: 1: Virtually inoperable or nonexistent  5: Average, performs adequately   10: Exceptional

The Final Word
While the products in the SC suite share a common name and similar interfaces, they're still separate products. And while they can all be driven from the command line using PowerShell, a common language doesn't make them siblings, merely citizens of the same country. There's some integration between applications, but the next version of SC is likely to be a far more deeply integrated suite.

System Center

Pricing varies by component
Microsoft Corp.
425-882-8080
www.microsoft.com
comments powered by Disqus

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.