Remarks by Andy Lees, Corporate Vice President, Server & Tools Marketing and Solutions Group, Microsoft Corporation
Microsoft Worldwide Partner Conference 2007
July 11, 2007
ANNOUNCER: Ladies and gentlemen, please welcome Andy Lees.
ANDY LEES: Well, good morning. Good morning. Boy, this is a fantastic time to be in the server and tools business. You know, we’ve been investing in our innovations to enable you, so that you can be successful with your customers, and that together we can build a strong business. And you have been investing, too. In fact, over the last 12 months, you have been significantly investing in your skills to broaden your competencies. If I look at what’s happened in terms of the number of partners that are in advanced infrastructure, that’s up by 23 percent year over year. The number of partners that are certified around the network infrastructure competency is up by 12 percent. Two thousand new partners have signed up around management, the System Center competencies.
Last year in this speech, we announced the Security Software Advisor program, where you can get up to 30 percent more margin on selling Forefront products as a rebate for the services that you provide. And you invested. In fact, we’ve had over 3,700 partners sign up for that in the first year alone.
On the application platform side of things, 63 percent increase in the number of partners that are certified for the data management. Another 64 percent increase in the number of partners that are certified in order to provide custom development skills. A 26 percent increase in the ones that are providing business process, and integration services. You’ve invested. We’ve invested in technology.
So what does that mean in terms of the results? Well, we start off by looking at what’s happening with the hardware market. The server hardware market in fiscal year ’07, Microsoft fiscal year that’s just finished, grew about 4 percent according to IDC. Now, interestingly, inside of that, the Intel/AMD architecture, the X86/X64 is actually growing at 6 percent. And that’s because we’re playing into the trend of Moore’s Law, and the commoditization of server hardware to a standard platform. And that plays very well into Microsoft’s strategy.
Our server and tools business is more than US$10 billion. And in the first three quarters, we’re in that quiet period between the end of our fiscal Q4 and our earnings results, so I can only talk about the first three quarters, but we grew 16 percent in the first three quarters because of your work with customers, 16 percent. That is the 19th consecutive quarter of double digit growth. And our opportunity ahead is to continue that for quite a long time. Windows Server market share has actually increased to 69 percent. That means seven out of 10 of all new servers on the planet that are deployed run Windows Server. On core infrastructure around management, we’ve moved up from the number eight position to the number four position in the last 18 months in terms of the vendors. I mean, this is a situation where two years back in 2000, really management was sort of an embarrassment to Microsoft, and we’ve turned that around, we’ve innovated, you’ve invested, and together we’re now helping customers with our management solutions.
With security, we just launched security products really just a few weeks ago at our launch in May, and already Gartner has recognized the innovation that we’re providing, how we’re doing management and security in a very integrated way in order that we can be in their magic quadrant for innovation, for vision, and ability to execute.
On the application platform, .NET continues to become more popular. Today, 73 percent, 73 percent of developers are designing for .NET as their middleware. That is clearly more than all of Java and J2EE combined. If I would have said to you five years ago that Microsoft would be the leader in middleware, I might have been laughed out of the room. And yet today, about less than 30 percent of people are designing for all flavors of Java and J2EE combined. And that’s resulted in phenomenal growth on things like SQL Server, a multi-billion dollar business growing in excess of 20 percent. Our developer tools business heading towards a billion dollars growing in excess of 15 percent. Our BizTalk business in excess of $100 million, growing at 30 percent. That’s your results that we’re seeing through your investments and how we’re building business together and changing the landscape of the industry. So for that, I want to thank you, congratulate you for a great fiscal year ’07. (Applause.)
So how are we achieving these results? Well, our value proposition to IT professionals and to developers, to the IT staff, really is quite simple. What we’re aiming to do is to look at the total lifecycle from when solutions are designed to when they’re developed, deployed, and operated. And what we do is, we look at four main areas, four agenda areas, if you like, that we’re going to help people get to this promised land of dynamic IT.
The first thing we’re going to do is help get things under control. Today, 70 percent, 70 percent of IT resources are spent standing still. Less than 30 percent are actually adding new capabilities back into the business. So the first thing we need to help customers do is manage complexity to achieve agility, get things under control, get out of that break/fix loop, and get into adding new capability to the business. At the same time they need to do that securely.
Fourth, everybody wants to open up their systems, they want to open up systems to connect with customers, to connect with suppliers. They also want it so the employees can get access to information wherever they happen to be on the planet. And to do that securely it’s a real challenge for customers. They need to protect their information and at the same time provide controlled access.
This really is around what we’re doing with core infrastructure. On the application platform side it’s really about enabling customers to advance the business with IT solutions. We want to help you help customers develop those solutions as richly and as deeply and as quickly as possible so that they can add the most amount of value to their business.
And then finally with business productivity, our message to IT is simple, and that is that we want to amplify the impact of your people. And Chris Capossela talked yesterday about how we can do that with communication, collaboration, better business decisions and so on.
So how are we delivering on this? Well, we had our TechEd event back in May, or the beginning of June, and we had five days of over 500 technical, in-depth training sessions, where we rolled out a very deep, multi-year investment in four main areas that are going to really change the landscape of how IT functions. And it basically comes down to these four main areas.
The first one is how the infrastructure is going to move to be unified and virtualized. The world is going to be moved from a physically managed environment to a logically managed environment. And I’m not just talking about using virtualization for virtual machines, I’m talking about how networking is going to evolve, how storage will evolve, how virtualization will do virtual machines. Everything will be managed logically.
I mean, just think about it today. You go in a data center, and you see people putting sticky notes, this is the green machine that runs e-mail, this is the blue machine that runs our CRM system, or this is another machine over there. So there are sticky notes. In the future who knows where things will run, things may run in my data center, things may run in my cloud. You want a unified and virtualized environment that is logically controlled not physically controlled.
The second area of innovation we talked about at TechEd was how we’re going to move form process led and model driven development, and operations. This is all about managing the total lifecycle. And we can go through and integrate that lifecycle from the very first design of when a solution gets built, through to how it gets developed, and project management, and then how it gets deployed and operated. And automating things together has really enabled us to move to self-managing dynamic systems. This is a multi-year vision that will evolve everything that we do, including our developer tools, including our platform, including our core infrastructure.
The third area we talked about was service enablement. And this is kind of like a combination of what Steve talked about yesterday in software plus services, and how we build on things like SOA architecture, to really allow IT without boundaries, new ways to develop new applications. Steve Guggenheimer is going to talk about that a little bit later on, and you’re going to see some demos to really see how you can basically go and do elements of that today, and over the next few years.
Then finally, user focus, you saw the demonstration yesterday of Silverlight, and what we’re doing with Office business applications. This is all about having maximum impact for applications and solutions that you develop with your customers, making sure that users can get the most out of them. So these core innovation areas are things that we’re focusing on.
It’s a multi-year R&D effort. And I’m telling you this to give you the comfort to know that if we’re going to go through and continue to grow at double digits for the next two, three, four, five years, and certainly there’s the opportunity to do that, in terms of the total amount of IT spend that there is out there, that is not yet on our platform, then these innovations are going to help us accelerate that.
So how do we talk to customers? Well, as has just been talked about, we do that through these optimization models. And here what we try and do is you try and say to a customer, let’s just talk about your infrastructure, let’s talk about your applications platform, and let’s talk about business productivity. And we talk about core capabilities that you need to have in order to have a dynamic IT system.
So, for example, in core infrastructure we look at how you’re managing your identity and access, how are you doing networking, how are you doing security, how are you doing management, how are you moving to this logical world using techniques like virtualization. And these conversations have been incredibly rich. It takes us away from selling individual products and talking about how we can add value to the individual business.
And for each of these individual models we have this sort of a map where we look at how people and process, and technology can be applied inside of the customers environment, with you adding value to the technology that we provide to move people over from these four main areas, from being basic, to standardized, to rationalized, to being dynamic, and being in a dynamic environment. And the benefits for customers here are truly incredible.
If you’re looking at core infrastructure, and you’re in the dynamic box, in terms of where you are of a progression, then you will have significantly lower cost and you’ll be significantly more agile in terms of how your infrastructure runs. In fact, we just completed a set of surveys of about 12,000 enterprise customers, and what we do is we look at what technology that they’re using and we categorize where they are. And it turns out that 75 percent, 75 percent of customers are in the basic quadrant, because of the technology and the people and the process that they’re using. So what does that mean for you? It means opportunity, because as you move a customer from basic over to dynamic they get significant benefits, you build business, and they utilize our technology. So that is how all of this comes together.
So I would encourage you, as has just been described, to make sure you understand these different models, the core infrastructure, the application platform, and the business productivity, have the conversation and your sales people have the conversation with customers, your technical people will be able to put it in context about how the technology works. It’s a very powerful way to sell and communicate with the IT team inside of our joint customers.
So in this presentation I’m going to focus in on core infrastructure. Chris Capossela talked yesterday about business productivity, and Steve Guggenheimer is going to talk about application platform. So specifically with the server and tools product that’s about Windows Server and what we’re doing with management and security and identity, and access. I’m not going to spend much time on identity and access, we covered a lot of that with your technical folks. But, really going to drill in around Windows management and security.
So what does it mean to be a partner inside of core infrastructure. Well, there’s a very interesting study that was done by IDC just over just about a year ago. And what it showed is, they went through and they looked at what it was like if you were a partner focused in on delivering Windows, which is the blue sort of bar on the left, if you were a partner focused in on Linux, or if you were a partner that was certified as an advanced infrastructure partner. And this shows the gross profit and the net profit on the left hand side, and the company performance of those partners.
Interestingly, you’ll notice that Linux has the largest gross margin. But, you’ll notice that Linux has the least in terms of net profit margin. And that’s because what happened is, is that because of the shortage of skills they go through and they say start, and they say it looks like Linux is a good business, but it turns out the amount of effort that’s required to skill up your people, for you to be able to offer the services, and the value add to your customer, and the amount of maintenance that you end up taking on yourself, your net profit ends up going down.
But the real story here is what happens when you become skilled, and your people are skilled and certified and you move into the advanced infrastructure competency. Look at what happens in terms of the profit, look at what happens in terms of the daily bill rate, the increase of capacity of billable people inside of our partner organization, and also the average deal size. The average deal size is because what we do is, we offer a very integrated set of solutions for core infrastructure. How all of these things work together is very important. You start off with a conversation about how you could help a customer optimize, and then all sorts of opportunities fall out from that, management, security, Windows networking, and so that’s why if people are skilled in a more broad way around things like advanced infrastructure, then you get to make significantly more profitable and a better overall business.
So the core of all of this is Windows. And how are we doing with Window Server. Well, we’ve had fantastic results. Kevin talked yesterday that we’re growing faster than the market. We’ve always been growing faster than the market. Linux has come up, it’s sort of helped the consolidation of Novell in some places, and also other UNIX, like SCO and things. But what we’re finding is, Linux has been growing from a very small base. And it’s now it’s still less than 20 percent of the market. But in Q1 of this year, for the very first time, Linux, even though it’s from a low base, and we’re a much bigger base now, just at 70 percent market share, Windows is growing faster than Linux. And that is a very, very significant milestone for us.
We’re the number one platform for UNIX migrations. Congratulations. (Applause.) It turns out with ISVs, because of the breadth of the Windows platform, ISVs who develop for Windows and everything around that, like .NET and SQL, et cetera, they will have on average revenue that grows five times faster than Linux. We’ve not been standing still. We’ve expanded the Windows family. We’re into high performance computing with these multi-node clusters, sometimes hundreds of nodes in a single cluster to provide very high performance computing. It turns out, 40 percent of all Linux units are sold in high performance computing. We’re focused, we’re going after that market with a special version of Windows.
Small Business Server continues to be important to that. We had a new version of that in fiscal year ’07. We have a new version of that that will come out after Windows Server 2008. For the holiday this year, we’ll have a new thing called Windows Home Server. I don’t have time to demo that to you, but I know how all of the people here use technology. If you’ve got more than one PC at home, you need Windows Home Server to back up all your stuff, it’s very cool.
And then we will, at the end of next year, so I’ll talk about it in this presentation in a year’s time, we’ll have a thing called, it’s code named Centro, and think of this like Small Business Server for the mid-market, and instead of it coming on a single server, it actually comes on four servers, and it provides a single solution for all of the core infrastructure that are required for mid-market customers up to about 250 PCs on a network. It’ much simpler to manage, much simpler to install. It’s all preconfigured, and works out of the box with your skills to go through and help customers make the most of out that.
So, this is how we’re doing. What’s the future look like? Well, we are super jazzed about Windows Server 2008. This is a very, very significant release for us. We’ve changed right from the core of the operating system. We have now a thing called Server Core; means that it’s much more componentized, so that you don’t need to install all of Windows Server, you just install the roles that you need for that particular server.
Why is this significant? In some cases it means servicing and support and deployment of Windows Servers is made much easier. For example, in some cases, depending on what a server is doing, you can reduce the number of patches that will be applied to that server by 73 percent. That’s a phenomenal thing.
And then you look at what we’ve done with things like PowerShell, the security that we’ve built in for Network Access Protection, a single way that you can protect your whole network to make sure all PCs follow a policy, the Web technology that we’ve built inside of that around IIS, new versions of IIS, new versions of .NET, and then finally with virtualization technology. Virtualization is built into Windows Server 2008. That means a sort of virtual server type thing that we offer free today. We’ve re-architected that. We’ve made it into a hypervisor based technology, and it’s right in the middle of Windows Server 2008. This will be a leading way, and the most cost-effective way in which you can move a customer over to a virtualized environment, helping them move over from physical to logical.
But remember that virtualization is not just about virtual machine, the ability to run virtual machines. You need to have a much broader strategy than that. And that’s exactly what we’re about. For example, if you want to manage machines, you want one management tool for your physical world and your virtual world. This is super important. If you look at, for example, what VMware does, VMware provides great tools to manage virtual machines. The problem is that it’s a different set of tools that you’d use to mange everything else in your environment like the Web Services they’re performing, the networking, what’s happening throughout your environment. Having two different management infrastructures competing is not the way in which you’re going to get a customer dynamic and optimized.
So, making sure that how management works with virtualization, making sure that virtualization is not just about virtual machines, it’s about how applications are deployed inside of the organization, whether that’s using technologies like SoftGrid that was demonstrated yesterday, using the advanced terminal services that are in Windows Server 2008, the ability to take just a single application and spray that on a different machine with a thing called Remote App in Windows Server 2008. So, we have a very, very broad view of what virtualization strategy looks like.
So, let’s take a look and let’s see a very quick demonstration from Bryon Surace who’s going to go through and take a look at what virtualization looks like. So, please welcome Bryon Surace. (Applause.)
BRYON SURACE: Thank you, Andy. It’s a pleasure to be here today to demonstrate Windows Server 2008, as well as the System Center family of products, to show how these two great technologies really complement each other.
So, to begin, let’s talk a little bit about Windows Server Core. As Andy mentioned, Server Core is the new minimum installation option designed to provide only what is required for a particular role. So, for example, if you want to run a file server using Server Core, only the key components necessary for that file server will be installed and nothing else. And for visualization, Server Core is especially important because it requires fewer system resources. Then in turn those system resources can be used to run more simultaneous virtual machines.
So, for those of you who have never seen Server Core in all of its glory, here it is, command line interface.
ANDY LEES: Wow. So, I guess the wow stops now. (Laughter.)
BRYON SURACE: So, there’s no GUI. Again, it only provides the key services necessary for whatever role you want to run. And here’s a list of some of the various roles for Server Core, including things like DACP, DNS, and, of course, Windows Virtualization.
So, now let’s switch gears a little bit and actually take a look at Windows virtualization. Here we actually are running Windows Server Virtualization on one physical host computer, and we have a total of five virtual machines. Our first virtual machine is running Windows Server 2003 32-bit edition. Next we have Windows Server 2003 64-bit edition. Our third virtual machine is running SUSE Enterprise Linux version 10. Our fourth virtual machine is running Windows Server 2008 in the Server Core installation. And our fifth and final virtual machine is running Windows Server 2008 in the full installation. And here you can see this is a 64-bit virtual machine with 6 gigabytes of RAM. And if we switch over to task manager, you can see that this is a four-core virtual machine.
So, now with 64-bit support, large memory support, and support for multiple cores, Windows Server Virtualization is really designed to handle the vast majority of enterprise class workloads.
ANDY LEES: If I can quickly say that no other virtualization technology can support as much memory or in the same way.
BRYON SURACE: That’s correct. Right now we’re the leader with how much memory you can add for a single virtual machine.
So, up to this point we’ve only looked at virtual machine management for a single virtualization server. However, once you start creating hundreds or even thousands of virtualized workloads, you start running into issues such as virtual machine sprawl. And this takes us to the latest edition of the System Center family, System Center Virtual Machine Manager.
Now, Virtual Machine Manager is the centralized console for managing both your existing virtual server technologies, as well as our new Windows Server Virtualization technologies.
And the common question we get asked is, can I convert my existing physical servers, as well as my virtual machines created for VMware to Windows Virtualization, and the answer is yes. Let me show you how.
So, here we have a virtual machine created for VMware. We’re simply going to right-click and say convert. It brings us to the conversion wizard. We’ll go ahead and select our resource, click okay. We’ll give the virtual machine a name. We’ll call it New VM, click next, and this brings us to the Intelligent Placement Wizard. This wizard is designed to help us find the best location across our entire environment to host this virtualized workload. It’s given us a few options here. We’ll go ahead and select its recommended location, click next. And now we’re presented with a summary screen. And I want you to pay particular note to this View Script button right here. Everything you just saw me do via the wizard is available via a PowerShell commandlet. We can literally copy this commandlet, we can paste it into a script that’s designed to loop, and convert all our virtual machines for VMware in our environment to Windows Virtualization.
So, now the most commonly asked question we get is, can I quickly migrate a virtual machine from one physical computer to the next, and the answer is absolutely yes, using what we call Quick Migration.
So, here we have a virtual machine running on Virtual Server host number one. We’re simply going to right-click and say Move Group.
Now, what’s happening with Quick Migration is the virtual machine is saved, access to the shared storage is then swapped, and then the virtual machine is restored on the next host. And here in just a matter of seconds you can see that we’ve quick migrated this virtual workload to VS host number two
ANDY LEES: So, this is important, because the recent press has been inaccurate to say that we don’t do migration. We do migration, and we do a thing called Quick Migration. The difference between Quick Migration and live migration is actually about six seconds, because in Quick Migration we go from one machine to the other machine via a disk. In live migration you just go memory to memory. We will do live migration in a future version.
The reason that we did this is we had to make a tradeoff in order that we could ship on time and as quickly as possible, because the demand for this has been very high.
So, why is this even important? Well, the only time that you really want to move things from one machine to the other is in a planned way. Today that’s what most people are doing, in which case six seconds versus one second makes no difference whatsoever.
But the time when you really want to move something fast is when you’re in a disaster recovery type situation. And because virtualization is built within Windows Server 2008, the new features of clustering, which includes a thing called geo-clustering, enables you to set up a cluster over a wide area network. If a virtual machine fails, a host with a virtual machine on it fails, immediately you can flip over to another machine using clustering, with zero down time. The machine just keeps on working. And you can even do that if the machine that it fails over to is remote across a wide area network.
Well, VMware doesn’t offer anything like that. So, this whole debate between Quick Migration and live migration is really a red herring, because really what you want is you want to be able to migrate in planned down time, which is what we’ve just show you, takes less than six seconds, and then when you want to be able to have a disaster recovery, in which case you want to do that across a network very, very quickly, which only we can do.
So, I think we made the right tradeoff, the press doesn’t quite report it right, but I just wanted to make sure that you understood. We absolutely can do the right migration strategies.
BRYON SURACE: I think that’s a great point, and another point also is Quick Migration for us is not a multi-thousand dollar add-in. It’s built in for free in Windows Server Virtualization.
So, now switching gears, you may know that IIS 7 will soon be available for Server Core, so we actually wanted to show you that in action. And here we have the diagram view of System Center Operations Manager 2007, which is monitoring both the health and the performance of an online Web store that we’ve created.
And if we switch over to dashboard view, we can see here that we have a few active alerts. I’m looking down here; it looks like business is doing quite well, but unfortunately our Web servers are unable to keep up. And we can tell that because the blue line here, which is monitoring CPU utilization, is running very high. And the green line, which is monitoring the number of online transactions, is being limited by our overloaded Web servers.
ANDY LEES: Okay, so what you’re doing here is you’re managing everything to do with your environment in one place, both the virtualization and the physical resources, as well as the logical resources of things like how many transactions are happening.
BRYON SURACE: That’s exactly right, all centralized in one location. So, in this scenario what we need to do is add an additional Web server to the farm, and that’s quite easy. We’ve actually created a custom script called Add New Instance. We simply click that, and that adds a preconfigured virtual Web server into the mix to pick up the load. So, just that quick we’ve dynamically added an additional third Web server into our Web far to pick up that load, and all of this can be automated for complete lights out operation.
ANDY LEES: Great. Thanks very much.
BRYON SURACE: Thank you very much, Andy. Thank you. Bye-bye. (Applause.)
ANDY LEES: So, we’ve just covered virtualization aspects of what’s happening with Windows Server 2008, and we have a lot of momentum going into this launch. We’ve had more than 200,000 downloads of Windows Server 2008 beta 3 in less than two months of when that came out. Everyone has a copy of that in your pack for you to be able to go away. It’s obviously free to download.
I was talking with partners, the Partner Advisory Council for the CPLS partners, the learning partners, and they were telling me that the level of demand that they’re getting already for training and information about Windows Server 2008 is absolutely unprecedented, they said actually the largest demand they’ve seen since NT4, which is sort of a phenomenal thing.
You look at is this going to be ready. Well, today I’m pleased to be able to say that Microsoft.com runs on Windows Server 2008 today. That is more than 100 million unique people that will come to Microsoft.com every single month is running on Windows Server 2008. (Applause.)
But this launch isn’t just about Windows Server 2008. It’s also about SQL Server 2008 and Visual Studio 2008. We will be able to go through to be able to provide you and our customers an opportunity to significantly enhance their core infrastructure and their application platform.
As was announced yesterday, the launch date for these three things together is February 27. You can plan on that date. That’s when our kickoff events will happen all the way around the world. This will be the largest outreach, touching more IT pros and developers than ever before on the planet. We will touch more than 250,000 people at events like this in six weeks after the launch. We want you to be part of that, to participate in that.
The theme for the launch, heroes happen here, because this technology is all about helping IT pros and developers be heroes to add value to their business. And it’s also about you helping customers to get the most out of their core infrastructure and their application platform.
We think it will create this feeding frenzy of opportunity for us together to invest to help change the landscape about how computing works. So, we’re jazzed about that and we’re excited about the launch.
So, let’s change gears and talk about other parts of core infrastructure, and that is management.
Oh, sorry, one thing I forgot to tell you are some of the things that we’re doing to help you get ready, and that is that we have new e-learning clinics, we have a set of certification tools available now for you to download. There is a press book that’s available now. There are free jumpstart courses for the CPLS channel to be able to get ready to be able to train you, the rest of the partners, those people that want to take instructor-led training and the other types of training that CPLS partners provide. And there’s even an upgrade exam available in beta now so that your technical staff can go through and start to see what’s going to be required of them for them to be able to upgrade their skills. We want to make sure that you’re ready and that we can invest together to make this launch super successful.
So, now let me change gears and talk about management and security, which are two of the main areas of core infrastructure.
You know, what we’re seeing here is a thing that’s really an interesting convergence. Security and management clearly are different. I mean, you look today at security and the different types of threats that are coming, there are more profit motivated threats, there are different types of more zero day issues that are coming out, and so the techniques that you have to put in place, really staying ahead of that is a big challenge for the IT team.
At the same time, from a management perspective, it’s all about availability and efficiency, making sure my systems are running, making sure that they’re running effectively, at the lowest cost and the highest level of reliability.
For example, what we’re finding in a lot of customers is that security experts are all about the security strategy, but the day-to-day security operations, in other words there’s a virus breakout in finance, then that one moves to the operations team. They want a single way in which they can delegate their operational aspects of security over to IT operations and take them out of the security group, so that the ability to shut down part of the network, force a scan, force a signature update or something like that, really they want to do from a single console.
So, we’re seeing this big convergence of management and security together, and, in fact, that’s absolutely what our strategy is.
So, I’m going to ask Kuleen to come up, and he’s going to show us about how management and security are converging together and how we’re developing into that trend with Forefront and System Center. So, please welcome Kuleen. (Applause.)
KULEEN BHARADWAJ: Thanks, Andy.
So, today I’m going to show you how Forefront products can help you balance the tensions between security and access, while integrating with System Center products to give IT administrators greater visibility and control over their environment.
Now, in this demo Mark is a salesperson for a company called Contoso, and he’s at the airport, and he’s just dying to check his e-mail. So, he walks up to this Internet kiosk and he launches a browser to get to Contoso’s secure portal. Now, he will be presented with a logon form by the Intelligence Application Gateway or IAG 2007. This protects Contoso’s network edge and provides secure remote access via SSL VPN.
So, Mark keys in his credentials, and IAG will validate them against Active Directory and give him single sign-on access to both Outlook Web Access and SharePoint 2007.
So, he pops open his Outlook, and as he does that, let’s find out what information IAG has captured about this machine. No compliance anti-virus, all personal firewalls are detected, and hence this is not considered to be a privileged endpoint, which means that it is not a secure machine.
So, this is Mark’s inbox, and he sees this e-mail from his colleague Lisa with a zip file that is attached. He opens the zip file, and he finds a document that he was expecting, and a text file which he was not expecting. So, he opens up the text file, and it says that Forefront Security for Exchange removed a virus that was hidden in there. So, this means that it removed the virus infected file and let the clean file through, even though both of them were in the same zip file.
So, Mark also decides to go and check out his SharePoint site, and here he is able to view files, but remember this is not a secure machine. So, when he goes to SharePoint, he will not be able to upload any files. So, we will see that in a second.
As you can see here, it’s not a privileged end point, so you will see the results of that out here. Here you can view files and you try to add a new document, it says that this is not a secure machine, and so you won’t be able to do that.
So, several hours later when he is in his hotel room, he decides to use his corporate issued laptop. Now, this one is running Forefront Client Security. Now, this one protects this laptop against viruses and spyware and checks for missing security updates. And the green check box here indicates that Client Security has already been updated with the latest anti-virus and anti-spyware definitions, even though Mark was actually working remotely.
So, how did that happen? These signatures were received from Microsoft Update and were automatically installed in the same way as the other operating system and application software updates.
So, Mark goes back in here onto his managed laptop, and he launches his browser to go back to the portal again. As you can see here, IAG is capturing information about this machine. So, he keys in his credentials now, and remember this is now a secure machine, and so he gets access to a whole lot more. He can access file shares here. We’ll be seeing that in a second; that’s his file share. And then he can also even remote desktop to another machine on the corporate network. And this time around when he access SharePoint, he is actually able to not only view files, he’s also able to upload files.
So, now that we’ve seen the end user perspective in the yellow circles out here, let’s see the IT administrator’s perspective by walking up these blue circles and we’ll end at this orange one here.
So, let’s find out how Contoso protects its network edge and go to the IAG 2007 management console.
Now, IAG makes it really easy to add applications to provide secure remote access, too. And you can add just about any Web-based application. You can see Microsoft CRM, SharePoint, PeopleSoft, SAP, WebSphere. You can even add any client-server based application. You can also add browser embedded applications.
Now, because IAG understands the security models for each of these applications, it provides a comprehensive set of default security policies to control the access to these applications.
So, now let’s find out how Contoso protects its server applications such as Exchange and SharePoint, and go to the Forefront Security for Exchange Server.
Now, here you can use up to nine different AV engines simultaneously, and these AV engines are from different providers such as Computer Associates, Norman and so forth. So, this gives you failover capability, and it also provides you with algorithms that pick the best AV engine for the task, depending on its past performance against specific types of malware.
Now let’s find out how Contoso protects its desktops and laptops and go to the Forefront Client Security management console.
Now, the great thing about client security is that you can have a single policy to protect against viruses, protect against spyware, and check for missing security updates. And because of the integration with Active Directory, you can easily deploy this policy to any machine on your corporate network.
Now, the alerting, event logging and reporting functionality in client security is built on top of Operations Manager technology. And because of this integration between Forefront and System Center, you can get detailed reports like this on the security state of all the machines inside the environment.
Finally, let’s find out how Contoso monitors the status of its critical machines, and go to the System Center Operations Manager console.
Here is a health snapshot of all the critical servers inside the environment, and then you can drill into the health explorers for each one of them, and get rolled up views of availability, configuration, and performance.
Now, Operations Manager also provides you with these context sensitive inline tasks, and what this allows you to do is to remotely remediate issues on these servers without having to switch screens. Now, this is not something that you will find with other tools out there today.
So, that brings us to the end of our demonstration, and what you’ve just seen is how Forefront products can help you balance the tensions between security and access, while integrating with System Center products to give IT administrators greater visibility and control of their environment. Thank you.
ANDY LEES: Great, thanks very much. (Applause.)
So, what’s the opportunity here? Well, for us it’s all growth. In terms of management, management is a very significant business for us, but we’ve significantly increased our portfolio. In management we used to have two products with SMS and MOM, Microsoft Operations Center. We’re renaming those two as part of a total family of six different products, including the Virtual Machine Manager that you saw before, a special version designed at mid-market called System Center Essentials, which is effectively our configuration manager and operations manager rolled in together to a single product that a medium sized business or a small business can go through and install in a unified way, and it even has remote access and remote management capabilities so that you can offer remote management services to your customers to be able to go in and look at the health of the machines inside of your customers.
And the opportunity here is truly phenomenal. We did a study with IDC of how we compare versus the other leading management vendors of the opportunities when we found. Because of the ease of use, because of the integration into the total environment, we found a shorter sales cycle, better close ratios, higher average deal sizes, and more follow-on projects because of the way this was built into our core infrastructure story. And so that’s also why we’ve seen this 23 percent increase in the number of partners that are skilled on advanced infrastructure.
On the security side this is an amazing growth opportunity. In terms of looking at some of what our partners have already done, Convergence is one of our partners. They’ve gone through, they’ve looked at their install base of customers who already had things like Exchange and things like SharePoint, and they went back and had a conversation to say, oh, would you want to do this in a more integrated way, and as a result they’ve been able to get to an attach rate of Forefront between 10 and 20 percent of their install base, with an average deal size of $200,000. Partners are also using this as an opportunity to up-sell, talking about the end-to-end security solutions, but also the management and other elements of core infrastructure. And so CompuCom has used this as an opportunity to go through to tell a much broader story.
And there’s lots of services revenue. Software Bots in the UK found that they’ve generated already $2 million in service opportunities, and increased their average deal sizes versus other security that they were offering before by 10 percent.
Our security products are very broad. We have a full family of products. Many of them are shipping now, and some of them will be shipping in the next couple of months, and the same is true with System Center.
So, it’s how these things come together that provides you, our core infrastructure partners, an opportunity.
So, my main message then for this presentation is ride the wave as we help change the industry to move to dynamic IT. We’ve been investing a lot in terms of the core technology that we’re providing, and you have been investing a lot in terms of your skills and your value-add and how you take these building blocks and make them into solutions and into ways in which customers can be more efficient and more dynamic.
We have a phenomenal 12 months ahead of us with the launch. Please use that as an opportunity to broaden your competencies, carry on the trend that you have to get people skilled in adjacent markets. Like if you’re specialized in management, think about security; if you’re in security, think about how you do management. And then really make sure that you understand this core infrastructure and application platform as a way in which of having the conversation to build a broad business for you and us together.
So, I’m looking forward to a great fiscal year ’08, and looking forward to continue working with you. Thanks very much. (Applause.)