Bob Muglia: Tech•Ed 2006

Keynote Remarks by Bob Muglia, Senior Vice President, Server & Tools Business, Microsoft Corporation

Tech•Ed 2006

“Infrastructure for the People-Ready Business”

Boston, Massachusetts

June 11, 2006

(Video segment.)

BOB MUGLIA: Yeah, that’s the way it should be, IT pros and developers as heroes. At Microsoft that’s how we think of you, and that’s why we’re making these four promises that you’re hearing about tonight.

And while we’re on the subject of IT’s heroes, there is one individual who is emerging as an international IT leader. Last month alone, she was profiled in USA Today and Glamour Magazine. She’s the whole IT package. She knows attack scripts, computer vulnerabilities, intrusion detection, encryption and operational security. She can script equally well in Tcl or PERL. Her data-slinging deftness is undisputable, whether she’s being an Internet protocol manager or a senior business analyst.

While on the Jay Leno show, Billy Crystal described her as the most powerful woman on earth. Why? Because she can find anyone or anything in seconds, all from her laptop.

And if you’re a fan of Fox’s TV hit drama “24,” you know who I’m talking about. She’s Jack Bauer’s go-to girl and an IT pro and developer goddess. Give it up for the real star of “24,” Chloe O’Brien. (Cheers, applause.)


BOB MUGLIA: Hi, Chloe.

MARY LYNN RAJSKUB: Hi, everybody. How’s it going? (Cheers.) Wow, we’re all here. I feel like I’m Celine Dion at my own theater in Las Vegas. Hi, everybody! Hi.


MARY LYNN RAJSKUB: But I have to tell you that Chloe is not my real name, that’s a fictional character. My name is Mary Lynn Rajskub.

BOB MUGLIA: Yeah, but there are so few IT role models, can’t we just call you Chloe?

MARY LYNN RAJSKUB: Yeah, you can.

BOB MUGLIA: Well, Chloe, these are your people.

MARY LYNN RAJSKUB: Really? Are you my people?

BOB MUGLIA: I think so, right? (Cheers, applause.)

MARY LYNN RAJSKUB: Oh yeah, I can see now, now that the lights are up. Yeah, you are my people.

You know, I feel that because I speak your language. When I started on “24” in season three, I had no idea what the hell I was saying. (Laughter.) Jack Bauer would scream at me, I have a thumb drive, I need to data mine these files, and I’d have to tell back, “Upload the drive to my socket, access code 5J55J.” I didn’t even know if it made any sense.

BOB MUGLIA: Well, it could.

MARY LYNN RAJSKUB: Well, I know that now, but, you know, by season four I was starting to really get it. Interlaced encryption key — well, I had to look up the word “interlace.”

BOB MUGLIA: Yeah, but now?

MARY LYNN RAJSKUB: Oh, no, now throw anything at me, blowfish algorithms, whatever, I’m all over it.

So now the writers are testing me to see if I call them on the ridiculous stuff that they write. Check this out. They wrote, “It’s a poison-pill firewall and any attempt at circumventing it and the hard drive does a cold-start erase, at which point you can forget about retrieving any data, but I can try to slip in through the subnet if I set up a fully parsed VPN pathway from my phone.”

BOB MUGLIA: “Fully parsed VPN pathway from your phone”?

MARY LYNN RAJSKUB: Yeah. It’s total BS, right, Bob?

BOB MUGLIA: Yeah, it’s BS. (Laughter.)

But now you’re like a female high-tech MacGyver. Have you been following what we’ve been saying tonight?

MARY LYNN RAJSKUB: Totally. The promises, they make a lot of sense to me.

BOB MUGLIA: Yeah, well, that’s good, I’m glad the promises, but what about Ray’s presentation on services?

MARY LYNN RAJSKUB: You’re going to have to give me till season six for that one. (Laughter.)

BOB MUGLIA: OK, well, then let’s talk a little bit about the four promises.

MARY LYNN RAJSKUB: OK. They sound great, but I was backstage and I thought it would be fun, I mean, you guys did call me IT goddess.

BOB MUGLIA: Yeah, we did.

MARY LYNN RAJSKUB: I wish you could say goddess of all time, that would be a little bit better, but I thought it would be cool to add a few more to the list.

BOB MUGLIA: A few more? Well, you know, we’ve kind of been working on this, we’re sort of locked in the ones we have.

MARY LYNN RAJSKUB: Well, you can think of them as Chloe’s alternative four promises, you know, just for the week of Tech•Ed.

BOB MUGLIA: For this week that’s fine, OK, go ahead.


Promise one: Less PowerPoint and more smokin’ demos! (Cheers, applause.)

BOB MUGLIA: We can do that. That’s what tonight is all about.

MARY LYNN RAJSKUB: Promise two: Fix the distribution problems with Xbox 360.

BOB MUGLIA: Just about got that one done. (Laughter.)

MARY LYNN RAJSKUB: Good. I mean, because we’re all ready to load Godfather and whack somebody, right? (Laughter.) You guys? I came all the way here for you.

And also if you could stop saying “do more with less” so much.

BOB MUGLIA: Well, that’s sort of our thing, you know?

MARY LYNN RAJSKUB: Well, it’s kind of glass is half empty. I mean, if you could just say do more with more, I think that would be better. C’mon, more is more is better. (Cheers, applause.)

And, you know, tell our non-doofus managers that we could all be more productive with more budgets, more coworkers and more money. Let’s try that, everybody, do more with more. (Cheers, applause.)

BOB MUGLIA: Makes sense.

MARY LYNN RAJSKUB: Do more with more! You guys are a bunch of crazy animals out there. (Laughter.)

BOB MUGLIA: Well, the thing is, Chloe, we’re actually not in charge of their IT budgets.

MARY LYNN RAJSKUB: Oh. No, I know, but it feels good to say it, right? (Laughter.)

OK, promise four. Bob, this is a big one, because I’ve heard about you, your reputation. Just once for a Tech•Ed keynote, just promise us tonight that you’ll end on time.

BOB MUGLIA: That’s a good promise. We’ll try but that means we’d better get started with less PowerPoint and more of those demos. (Applause.)

MARY LYNN RAJSKUB: Smokin’ demos.

BOB MUGLIA: You got it! They will be.

Let’s hear it all up for the diva of “24,” Chloe O’Brien. Thanks. (Cheers, applause.)

Now let’s talk about those Microsoft promises. I want to start with the first one, which is “Manage Complexity, Achieve Agility.”

This is really focused on our Dynamic Systems Initiative, something we’ve been working on now for about three or four years. It’s an area we’ve been very, very focused on in a consistent way. There are many pieces to this. Knowledge driven management is very important, design for operations with a lifecycle starting with developers all the way going through the IT lifecycle is very critical. And the third piece of it, and the one I want to focus on tonight, is virtual infrastructure and talk about the investments that Microsoft is making together with the industry to use virtualization to revolutionize the way you design your datacenters and roll out applications.

Now, when we think about virtualization, we really think about this at multiple levels. Sort of the level of virtualization that most people think about we would call hardware virtualization. This is what you use when you virtualize the entire hardware, it’s what Virtual Server does, products like VMWare and ZEN work at this level, and it’s a very, very effective way to achieve a great deal of isolation of applications in a packaged format, in our case we call it VHD format for Windows. Those packages are very isolated, but they are not very granular in terms of the level of control you have.

Yet this kind of virtualization, hardware virtualization is very critical, it’s a critical step and one that we’re investing heavily in, and in some ways it’s some of the first things that you’ll see business results on.

There are, however, two more places of investment that we think are pretty important. The middle one, which is absolutely the one that you’ll see the furthest out, this will take another generation of the operating system beyond “Longhorn” to really get this into place, is OS services virtualization. This is where within the operating system we virtualize the key system services, services like Win Logon to allow you to run multiple instances at the same time.

Now, this is maybe not useful in the most generalized of sense, certainly not as much as hardware virtualization, but it’s particularly interesting in hosting environments where you want to run thousands of identities, thousands of different companies on a single server, having those system services be virtualized is a key step.

The third piece, which is one that we do think will be very broadly applicable to everybody in this room and every IT shop, is application virtualization. This is the concept of being able to take and package an application up as a virtual object that can get sent down to the server or computer. It’s particularly interesting in the short run to allow applications to be run in a Windows client environment without having fear of interactions between them.

With application virtualization technology it’s possible, for example, to run two versions of Office on the same machine, which you could not do without this technology; or two versions of your business applications that use different DLLs that are incompatible, different, for example, levels of ADO that I know people have struggled with.

So providing this provides less isolation than, say, hardware virtualization but much more granularity of control. So it’s a series of tradeoffs.

Now, a scenario where we see a lot of important potential we have recently acquired a local company, Softricity, which has been a leader in this space. They have a clear leadership position in terms of application virtualization. And you’ll see us incorporate the Softricity technology into our product in the months and years to come.

So virtualization is very key, we’re making investments across the board.

With that, let me invite Bill Anderson up to give you a demo of Windows Server virtualization and our new product that we have in System Center, Virtual Machine Manager. Bill? (Applause.)

BILL ANDERSON: As Bob alluded to, virtualization is a big investment for us across the stack, and what I want to do is show you some of the technologies you can expect to see from us to improve that virtualization experience for you and really make that strategy a reality.

Now, the first thing you’ve got up in front of you is our Windows Server virtualization user interface. And this is done in the MMC, a tool that you’re used to using on a day-to-day basis, and the goal is to be able to manage multiple workloads on a single Windows Server and be able to manage those workloads appropriately.

Now, as you take a look here, I’ve got an array of different workloads there, ranging from Linux enterprise 64-bit, notice the X64 there, X86, as well as the Longhorn Server that we’re running. So you can run a wide array of things in the server virtualization world.

A couple of things I do want to point out, the 2K3 server one is actually build in Virtual Server 2005 R2, today’s Virtual Server technology, and we’ve migrated that forward so we can make the commitment to you to make your virtualization investments of today carry forward for tomorrow.

So the second workload I want to take a look at is that “Longhorn” Server workload that’s there. As I open up the VM window you’ll notice first of all 4 gig of virtual memory being allocated to this particular virtual workload, breaking through some of the scalability challenges that we saw previously, kind of capping us about 3.6 gig. We can now support upwards to and over 32 gig of memory, as well as up to eight processors. In fact, if I open up Task Manager, you’ll notice that this particular VM has been allocated as a four-way system.

So making sure inside of Windows Server you can manage those workloads effectively is a key priority.

What’s also a priority though is making sure that you’re dynamic in the way that you handle these workloads. So let’s say, for example, that this workload, which is pretty comfortable right now, evolves over time and you’re adding more users and more users and more users; at some point you’re probably going to have to add resources. Well, we want to make sure that through our Windows Server virtualization you can dynamically hot add resources like memory, processor, et cetera.

Let’s jump back to my virtualization window here. I’m going to go ahead and select that workload, choose the settings, go to my memory setting here, and we’ll just go ahead and kick it up a notch, go to 5120 there, going to go ahead and select OK, and as I go back out here you’ll notice it’s actually changed, it’s dynamically allocated that memory out for this particular VM so that you reach the capabilities you need without having to have user interruption.

BOB MUGLIA: So this dynamic capability is a unique capability of Windows Server virtualization. The ability to run four processors, these sorts of dynamic capabilities, large memory really means that Windows Server virtualization will be appropriate for a broad set of workloads, including high-end things such as database or messaging.

Now, our plan for Windows Server virtualization is to release this within about six months of when we ship Windows Server, and it will be a part of the operating system, it will be included as a standard feature of the operating system.

BILL ANDERSON: Absolutely. So that’s a great tool, the Windows Server virtualization user interface, great to manage a small number of workloads on a few Virtual Server. But think about it as you grow from tens to hundreds to thousands of virtual workloads, our commitment to you is to be able to use your enterprise management products today that you use to manage those physical assets to manage your virtual assets as well.

So I’m going to show you in System Center some of the technologies we’re going to be making available for you to do that integrated virtualization management.

Now, the first console that I’ve opened up here is our System Center Virtual Machine Manager. We announced this at WinHEC a couple weeks ago. This is going to be out in beta later this summer, very public and very available for you to get, so make sure you’re watching out for it.

And what we’re going to do is a simple physical to virtual migration scenario. We’re going to take an existing workload, move it from physical to virtual, and consolidate the servers.

So I’m just going to run a simple wizard-driven consolidate server task. Now, I’ve identified a system on our network already that is the right one for us to go migrate across, and it’s actually going to auto-populate the FTBN for me. I’m going to go type this in and we’ll go to the next screen.

At this point of time I can type in some details about it, I’m not going to worry about it. I also have the ability to configure the hardware that this particular VM wants. We’re just going to leave the defaults here for the sake of time for the get out early promise that you made earlier.

Now, I’m going to go assign it to a virtual machine host. Now, at this point in time we’re doing something very different. Just moving the workload is one thing, but being able to intelligently place that workload based on capacity is another. This is our intelligent placement functionality inside of Virtual Machine Manager. It’s based on some modeling technology from Microsoft Research that you have availability today in the form of System Center Capacity Planner. This allows us to look at the hardware requirements for the workload, look at the capabilities of the destination and be able to more accurately predict for you where that needs to go.

Now, you’re IT pros, you can customize the ratings, if you’d like to, to change these particular levers, but, hey, who am I to argue with Microsoft Research?

So I’m just going to go ahead and take the top suggested one, choose the default location for it, and it’s that simple.

BOB MUGLIA: To get that workload migrated.

BILL ANDERSON: Absolutely. In a simple wizard-driven process we can do that.

Now, the other thing I want to show you is with our System Center Operations Manager, a product formerly known as MOM as we move forward, how we can actually integrate that into your virtual workloads as well.

So as I open up my System Center Operations Manager console, inside of my state view you’ll notice that I’ve got an AD server that’s showing me a critical error. What we’re actually doing is working through — this is a virtual workload — working through that workload to be able to diagnose things like memory, processor, et cetera. And when I go dig into the alert, because of the rich knowledge that’s actually associated with this, I get to understand down below that says, hey, look, this workload is actually running low on memory.

So I showed you earlier how we can hot add memory; boy, wouldn’t it be really cool if now as opposed to managing it as a one-off, all the knowledge is right here at my fingertips, I can choose add memory, run the task, and it’s actually going to go out and do that for me.

Now, you could associate this with an alert as well so that it dynamically did it, but you’ll notice now that I’ve run the task, go back into my state view, it’s actually resolved it, the system is healthy again, the alert has been cleared out.

So the tool is at your disposal to be able to really get to that self-managing, dynamic datacenter we’ve been talking about.

BOB MUGLIA: That’s great, Bill.

When we think about virtualization, one of the key things is how we integrate it together with all of our management tools in one key thing. W don’t think of virtualization as something separate, that’s different that you need to deal with, we really think of that as a part of your overall IT infrastructure.

Hang on for a couple minutes, and we’ll be back here.

BILL ANDERSON: You’ve got it.

BOB MUGLIA: So let me talk for a just a second about [Windows] Vista and deployment and System Center. One of the key things as we roll out a new operating system has been to put a lot of focus on how we can make that operating system easier for you to deploy. We’ve put a lot of energy into [Windows] Vista and making it easy to upgrade to this operating system and migrate pieces forward. We’ve focused on making [Windows] Vista a much more secure operating system so that your users can run with lower rights capabilities, thus protecting the environment and giving you more control over their environment.

We’ve also put a lot of energy into System Center tools, both in terms of Operations Manager, as well as Configuration Manager, SMS, to make it easier for you to roll these systems out, and then once they are rolled out for you to be able to keep an eye on the systems and understand any issues that are happening on those machines.

So let’s take a look at some of the capabilities that are coming in Vista that are quite unique.

BILL ANDERSON: Absolutely. So the first thing we want to focus on is the concept of Vista imaging or image-based deployment. Many of you for tens of years literally have been doing image-based deployments of Windows, and [Windows] Vista actually natively supports the ability to be imaged deployed with our own imaging format.

One of the things that we wanted to do was help you better manage those images that you’ve got invested. We’re going to do it in two ways. One, we’re going to give you visibility inside the image and, two, we’re going to try and help you reduce those number of images.

The first tool you see here is the System Image Manager. The goal for this is to allow you to see inside of a Vista-based image, because it’s file based, we have the ability to look at the file on the system, and look inside the components that are there. If you look at the lower left-hand corner of the screen, this is looking at a flat file on the drive looking at the components in this Vista image. So, if I’ve forgotten what my favorites were, or what my start page might be inside of IE, I actually have the ability to drill down through the component and the settings here. So, I don’t have to go put it on a pristine machine, and figure out, oh, that’s what my start page is, giving you better tools to manage those images.

The second promise is to be able to reduce the number of worldwide images. To be able to do that, we want to trim the image down and allow you to do more things in an unattended way. To be an international company like we are, language packs are important for us. Through the system image manager, I have the ability to select one of these language packs that are over here, and I can actually easily add this to my answer file. What I do is go to file save, save it as an XML file, and now I have an unattended file that I can use other deployment tools, like SMS to go target that particular language pack at the right geography or the right user community.

BOB MUGLIA: So, [Windows] Vista has a file-based standardized image format that allows you to do quite a bit of customization of that for your own company needs, but also customize it as appropriate for different geographies. Given the great international capabilities, the ability to really dynamically add languages to [Windows] Vista, and across the globe, this is one of the great examples of how you can take advantage of that file format.

BILL ANDERSON: Absolutely. And the second thing we want to show you is a little different from the earlier promises. Instead of showing you future technology to help you deploy [Windows] Vista, I’m going to show you how SMS 2003 today can help you be ready to deploy [Windows] Vista as soon as we ship it. So, most of you are using this tool on a day-to-day basis for different functionality, you’re familiar with the user interface. The first thing for deployment of an operating system is planning. We’re going to leverage the SMS inventory to help you out with that.

A few weeks ago, we gave you the conditions or requirements for [Windows] Vista Capable PCs and [Windows] Vista Premium Ready PCs. What I’ve done is gone into SMS and created a simple collection based on an inventory query to give you a result out of the machines that meet the criterion to actually set that operating system. So, you don’t have to spend a lot of time, you know which machines will work, and which machines you may have to do hardware upgrades.

The second thing with SMS is we have the ability to support the new [Windows] Vista Win format, so we can deploy that for you. In fact, you’re going to see an update to SMS this week that gives you that support and a few other things, so look out for them.

BOB MUGLIA: This is part of the 2003 implementations that people have already deployed?

BILL ANDERSON: Absolutely. The infrastructure you have today should pave the way for [Windows] Vista when we get it out to you.

So, a couple of other things we’ve done with SMS in this update to make sure that you can get optimized deployment of [Windows] Vista, first of all, many of you may not have known this, but in [Windows] Vista you don’t have to go enter the five-by-five key as part of your deployment. You can actually just point at it with a volume license server, or VL Server, as we call it. So, within SMS we’ve automated that process so that you can tell it, hey, look, the product key isn’t really required for this, it’s [Windows] Vista.

The other things we’re doing inside of SMS is using the new [Windows] Vista tools. This has a new user state migration tool, and a new sys prep tool, so we’re leveraging using those in the way that we deploy the system to have the ability to go on our state capture and actually add in the user state, and be able to use the new version of USMT in [Windows] Vista, so that you can actually migrate those workflows more easily, migrate your user state and data more easily from Windows XP to your [Windows] Vista destination system.

And so to be able to put all this stuff together, our goal is improve the manageability of [Windows] Vista, but make sure that when we ship it you guys are ready to rock and roll. Thanks, Bob. (Applause.)

BOB MUGLIA: Great new capabilities, but fits into your existing infrastructure, so the investments that you’ve already made, the training that you already have can be carried forward. So, that’s an important area of investment.

I want to focus now on one important workload that Microsoft is entering into, which is the high performance computing workload. Now, for some of you out there, this is an incredibly important workload, and maybe less important for some other businesses. Certainly, if you’re in financial services, oil and gas, pharmaceuticals, all of those are industries where taking advantage of the computing power that is now available at very low cost is incredibly important for your business.

I think you’ll see over time that as the tools get simpler, and the needs for business analysis increase, that using the power of microprocessors and software, your companies, even in other industries, will get great advantage out of high performance computing, and technologies and products like Microsoft Compute Cluster Server.

Now, we’re pleased to announce that we’ve just released this product to manufacturing, so it will be available in the channel very, very shortly. And the key thing about the Compute Cluster Server is the fact that it takes and provides an environment that is very familiar to all of you. It’s the Windows environment, it integrates with your Windows infrastructure, it uses Active Directory for deployment, et cetera, and it makes it very, very simple for you to take and roll out at a low cost this key workload, and this computing need.

In the past, this has really been a Linux dominated environment where that whole set of infrastructure had to be rebuilt, and in some cases the training just wasn’t available. So, we have a very compatible, very complete set of tools. We’re working across the entire industry to make sure that the ISV applications that you depend on will be ready. We’ve been incredibly excited by the response that we’ve gotten from all of our partners and customer that have seen this. The ISVs are really adopting the technology, and bringing out the apps. The OEMs are building products. And the customers who have used this in the beta process are so excited, they think it’s a huge benefit for their business. So, let’s now take a look at the new Compute Cluster Server, and what I would like to do is invite the director of that business unit, Kyril Faenov, out to show us CCS.


BOB MUGLIA: Good evening.

KYRIL FAENOV: Good evening. (Applause.)

Compute Cluster Server just released, so we already have early adopters that are using this to design jet engines, or do simulation, weather modeling. What I want to show you tonight is how we are really taking HPC to the mainstream. This spreadsheet was designed by Cornell Theory Center and University of Waterloo to model the bond portfolios value and risk based on fluctuation and interest rates over time.

So, if I’m a broker, and I have a customer on the phone, I might want to compute the value of this portfolio for 50 bonds, and for each of the bonds I would perform 10,000 simulations of Monte Carlo, and here you’re watching that each bond computation completes, and it’s being done here on a workstation. And this is taking some time. Depending on the maturity of the bonds, it might take up to a minute, or 30 seconds for each of the bonds to get computed, and so it will take several minutes while the customer is waiting on the phone.

Now, with multi-thread capability and Excel 5, you might be able to speed this up on a multi-core workstation. But let’s see if we can make this even faster by uploading the computation onto the cluster. Here we have four nodes in a compute cluster. They’ll be able to speed up this computation while providing reliability should one of the nodes fail. When I click execute directly from the workstation, from this spreadsheet, the job gets scheduled onto the cluster, and it gets authenticated with Active Directory under the floor automatically. And this is an example of seamless integration that you were talking about.

BOB MUGLIA: That integration is very important. And this aspect of having an application that runs on an analyst’s workstation but then also can submit a job to a cluster is a very, very common thing. This is a case where we’re using Excel as the application. You’ll see that with many different ISV applications. One interesting point is, when Office 2007 ships, there’s a new Office Services 2007 with Excel Services that will allow you to take advantage of the cluster capabilities and run Excel spreadsheet tasks on a server.

KYRIL FAENOV: That’s right. And what you are seeing here is, while we’re talking, a computation was farmed out onto the cluster, and the results are coming out. The individual colors are showing which of the nodes performed the computation. If you look back at the workstation we were running on, it’s still chugging along, while this computation was completely in 60 seconds.

BOB MUGLIA: It makes total sense, given that if more microprocessor power is available, the scheduler just scheduled all that out, got the jobs out there, and they all came back.

KYRIL FAENOV: Exactly. And what we didn’t show before, here’s the console that’s used to manage the cluster, and the MRC console is the one place you see all the compute nodes, you can see their performance here, the computation already completed. And here we have a job console for every job showing the task. Here each bond was performed as a separate computation. We can manage it in one easy place, and it’s integrated directly into the workstation environment.

So, here is an example of how we’re accelerating time to insight with an environment that’s easy to deploy, integrated directly into your IT infrastructure, and into your workspace and applications. I invite you to come buy our booth to see this demo, and also hands-on labs to try this on yourself.

BOB MUGLIA: That’s great, Kyril. Thanks a lot.

KYRIL FAENOV: Thanks a lot, Bob. (Applause.)

BOB MUGLIA: So, that’s one of the new innovations that we’re very excited about, taking something that a small number of people have used in some isolated ways, trying to make it much more mainstream, much more available, at a better cost, better integration into IT environments. And we think that for those individuals who are already focusing on high performance computing, and for many others, this is extremely significant.

So, that’s the first promise. We talked about a few of the products that really apply there. There’s a wide variety of things focusing on the operating system, and the IT operations area. As we move forward, obviously, we have new generations of [Windows] Vista and “Longhorn” coming. We have a new wave of Systems Center products coming in 2007, updates to Operations Manager and Configuration Manager. The new Virtual Machine Manager that we’ll be entering, all focused on working together in an integrated way to bring your costs down.

Now, what I want to do is invite you to go to a strategic briefing that Bob Kelly will be having tomorrow starting at 1:30 to 2:45.

(Video segment.)

MARY LYNN RAJSKUB: That was pretty cool. (Applause.)

Keep it going, let’s have a round of applause for all the funny performers you’ve seen. I like that girl who played me, and I’m really glad they got rid of that other sneaky girl who was pouring the coffee on the thing, but just like our show, I mean, there’s always a mole, isn’t there, you guys? Every season there’s two or three of them on the staff. Is it just me, folks, or do you think that the CTU HR director should be fired? (Applause.)

That’s not what’s got me worried, though, I mean, it’s turnover. On our show people die a lot. When somebody gets outsourced, they really get outsourced. It’s true, this season “24” has killed off more main characters than any other show on TV. It’s pretty crazy. Talk about creating a hostile work environment, 10 of us bit the dust, including my good friend. I never realized that being in IT is more dangerous than being on “The Sopranos.”

Anyway, I love how Edgar and Laz were rolling out patches and stuff in that episode, because that’s what I’m always dealing with. I can totally relate to the issues you guys deal with every day. I mean, who here hasn’t sealed off rooms to keep away from a deadly nerve gas? Who here hasn’t hacked into a top secret federal server, I can’t even say it, to redirect bad guys who are tracking our friend.

I mean, come on. (Applause.) Cough it up, stand up and go wild, everybody, take your shirts off. I mean, I’m not the only one who helped a civilian pilot obtain security clearance and credentials so he can commandeer a helicopter tailing the president, am I right? Just look the other way, and he’ll sneak on through the bottom of the plane. But, everything I deal with is fake. One thing is always the same, your bosses and my bosses, they think every little request, IT request they make, is a freaking matter of life and death, right.

Anyway, enough about me, let’s get back to you guys. It’s time to talk about security issues that apply to life, not to TV. So I’m going to bring him back out everybody, Bob Muglia. (Applause.)


BOB MUGLIA: Hi, Chloe.

MARY LYNN RAJSKUB: Welcome back.

BOB MUGLIA: Thank you.

OK. So let’s talk a little bit about security, protect information control access. Our focus really here for the last two years has been on trustworthy computing, and making the systems more secure overall, by making sure we have in place an engineering process that ensures that are products are as secure as possible, and have an infrastructure in place to get updates out to you. I’m always amazed, when we roll out one of these security patches on Tuesday 250 million computers around the world are updated within 72 hours, and then of course all of you update your computers.

Our focus now as we move forward is to take and build on that foundation of trustworthy computing and bring about a set of applications, server applications that are focused on the security area. We have a comprehensive suite that we’re building, and of course our focus on this is to make it as easy as possible to use in businesses of all sizes, but also to build it in, and integrate it with other products, so that there is that seamlessness and that ease of operation.

When we think about this there are several products that we’ve had in the market for some time, or we’re about to bring out to the market. We have an important set of updates, a refresh of ISA, Internet Security Accelerator, and a set of Antigen products that protect, and anti-malware on Exchange Servers, SharePoint, and instant messaging. Those products are being updated, just in a few months, in the September timeframe. So an important set of updates focusing on the security and the edge in your infrastructure.

Today what I want to do is announce a new family brand, a new set of products that will work across your enterprise for security, and that’s called Forefront. Forefront will become a complete set of security products from Microsoft, updating the capabilities that we have with antigen today, protecting Exchange, protecting SharePoint, but then also adding client-side protection. The edge remains important with ISA. All of these are designed to work together in a comprehensive and cohesive way to secure your business.

With that, let me invite Kuleen Bharadwaj up to give you a pretty thorough demo of Microsoft’s new security products.

Coline, good evening.

KULEEN BHARADWAJ: Wow, there’s a lot of people here today. Thanks so much for coming. Today I will show you how the Forefront security can help you protect your information and control access across the client operating system, the server applications, and the network edge. Now, in this demonstration we have Mark, who is a sales person who works for a company called Contoso, this is his laptop. It’s running Forefront client security, which provides anti-virus, and anti-spyware, and assesses the security state of his machine. So Contoso uses client security, as well as server-level security to prevent viruses from even getting to Mark’s laptop.

Now, Mark is at an airport lounge, and he’s trying to access Contoso’s Exchange, SharePoint, and Live Communications Server. He’s got about five minutes before he can board his flight, and so he’s waiting for an important document from his colleague Lisa. So he launches his browser to get to Contoso’s secure portal. He’s presented a logon form by ISA Server 2006, which protects Contoso’s network and provides secure remote access. He needs to identify himself, so let’s go do that. So ISA Server validates his access credentials with Active Directory, and then authenticates on his behalf with all the servers that he needs access to.

BOB MUGLIA: So one of the new features of ISA 2006 is the ability to very easily publish internal SharePoint Web sites onto the Intranet for secure Internet use.

KULEEN BHARADWAJ: That’s exactly right. And as we can see here, Contoso uses a single portal to provide its users access to their Outlook inbox, instant messaging, as well as the usual document collaboration capabilities. So Mark sees the e-mail from Lisa, he finds the file that he was expecting, and he also sees a text file, which he opens. It says that Antigen for Exchange removed a virus that was hidden in there. So that means that Antigen for Exchange allowed the clean file through, but removed the virus-infected file, even though both of them were inside the same zip file.

BOB MUGLIA: So we’re smart enough to look at what are the insides of compound files like zip, and really make sure that only those files that need to be quarantined are left out.

KULEEN BHARADWAJ: That’s exactly right. So Mark and Lisa also happen to be friends, and Lisa wants to get hold of this new song that Mark has been telling her about. So Mark figures it’s probably too big to send via e-mail, so he wants to upload this to this internal share. He also wants to change the file extension from wave to text, to bypass security.

BOB MUGLIA: Thinking it will bypass his IT policy.

KULEEN BHARADWAJ: So this is going to be especially amusing to Contoso’s security administrators, because Contoso considers this inappropriate content. So Antigen for SharePoint blocks it by using the virus scan API for SharePoint.

BOB MUGLIA: So only those files that your policies define as being valid on that server can be uploaded.

KULEEN BHARADWAJ: That’s right. So now that Mark is safe and aboard the plane, and we have seen the end user perspective, let’s take a look at how Contoso’s IT administrators use the Forefront product to make all this possible.

Let’s see how Contoso does network edge security and go to the ISA Server Management Console. Now, ISA Server examines network traffic at the application layer, which means that it does not just look at the header of the network packet, it looks at the content to see if it conforms to what the application is expecting, and then it forwards only the good packets to the server applications to protect them from malicious attacks.

BOB MUGLIA: This second level of control is important, and most companies have an external firewall, but having an application-level firewall is also very important, because it can work at the individual protocol level, doing a different level of packet decryption to make sure that the packets that go through, in fact, are clean.

KULEEN BHARADWAJ: You talked about decryption, so what will happen if this traffic is encrypted over SSL? ISA Server will decrypt the traffic, examine the content, and then re-encrypt the good traffic before forwarding it on. And because ISA server truly understands how Exchange, SharePoint, and Live Communication Servers work, it provides automated tools and wizards that make it really easy to define the policies, to set up secure remote access to these servers.

BOB MUGLIA: And all these things are integrated together with Active Directory, so user credentials only need to be entered once across all of the wide variety of sites that you may want to publish to your users in the Internet.

KULEEN BHARADWAJ: That’s right. So let’s go see how Contoso does server application protection, and go to the Antigen Management Console. Antigen is an anti-virus product that uses multiple different anti-virus scan engines from different providers. You can simultaneously use up to 9 different AV engines, such as Sophos, Computer Associates, and Norman. So what this does is it gives you fail-over capability, and it gives you the ability to leverage different strengths of all these different AV engines.

For example, some of these are really good at providing against macro-viruses, while others are really good at protecting against worms.

BOB MUGLIA: And if only one of them has a particular virus that’s just hit, you’ll be able to catch that, as well. This idea of having multi levels of engines, multi levels of protection overall, but then also multiple engines on the server is very important for shared sites like Exchange or SharePoint.

KULEEN BHARADWAJ: Exactly. So let’s take a look at Antigen for SharePoint. So here Contoso’s administrators can define policies to block a wide range of files, and as we saw earlier, Mark could not upload his song by merely changing the file extension, because Antigen checks for true file types. Contoso also uses Microsoft Operations Manager to gain visibility into the state of his machine. It also centralizes the security alerts from all the different servers, as well as the clients, which are protected by Forefront client security.

Speaking of clients, what are the new security features in Windows Vista? Vista has three really cool new security features. There’s a new user account control feature, which will give Mark least privilege access, but it will allow him to run all the applications that he needs to. Then there’s the Bit Locker feature, which will allow Mark to encrypt the entire hard drive on his laptop, then good luck to them for trying to extract the data from it. Finally, because [Windows] Vista has Internet Explorer 7 protected mode, it protects Mark while he is surfing the Internet, and prevents the silent install of malicious code on his machine.

BOB MUGLIA: Put that together with literally thousands of person years of engineering work focused on improving the security of the operating system, and when “Longhorn” Server ships, network access protection that will ensure that PCs are quarantined off of your network until specific health policies that you’ve defined have been passed, whether you’re coming into a VPN, or coming  or trying to attach to an Intranet through a direct connection or a wireless connection, NAP will protect all of those, that’s [Windows] Vista or XP clients together with “Longhorn” Server.

KULEEN BHARADWAJ: That’s the end of my demonstration. Thank you very much, Bob.

BOB MUGLIA: So you can see a broadened focus on building security solutions to secure your enterprise. Again, a key distinguishing characteristic here is the way we are able to work across Microsoft products, to provide a level of integration that simplifies your IT operation. Products like Antigen and the update to ISA will be available just in a couple of months in September, and we’ll be rolling out the full suite of Forefront products over the next year or so. So these are all very important products. These will be covered as well by Bob Kelly in his strategic briefing. That will, once again, happen tomorrow starting at 1:30 to 2:45.

(Video segment.)

MARY LYNN RAJSKUB: Hi, guys. I need two developers. Anybody, anybody, anybody? Don’t be shy. You guys, I need you. See you later, forget it, first row. We’re going far right. Who is it? You, what’s your name?


MARY LYNN RAJSKUB: Tim, let’s go, I need your help.

Who else? C’mon! How are you doing?

PARTICIPANT: I’m doing well, how are you?

MARY LYNN RAJSKUB: Pretty good. Where are you from?

PARTICIPANT: Minneapolis.

MARY LYNN RAJSKUB: I heard it’s a great town. What’s your name?


MARY LYNN RAJSKUB: Jake and Tim. C’mon, you guys, come on stage. This is important. I’ve been thinking about something, and I need your help. Yeah, come on. (Laughter.) Are you a developer? What’s your name?


MARY LYNN RAJSKUB: Eric. (Laughter.) Let’s hold hands. OK, you guys.

PARTICIPANT: This is my good side.

MARY LYNN RAJSKUB: OK, we’ve got — yeah, stick it out, Jake, put it out there. (Laughter.) All right, that’s enough. This is a clean crowd, let’s work clean.

OK, Tim, Eric, and Jacob, I brought you guys here to give me strength, OK? I’ve got to face this way. Your backside is distracting. (Laughter.) No, never mind, it’s my thing.

I owe all of you developers or anyone connected to creating apps an apology. I’m sorry, you guys. Because I’ve been creating completely unrealistic expectations for all of your information workers. (Laughter.) I see that now. I didn’t get it at first, but I get it. And technically you know it’s not my fault, it’s “24’s” fault. Right? I mean, every Monday night we make people believe there’s actually tracking software out there that will find someone based on their height, their weight, their hair color or even criminal intention, and that we can scan across cities in real time using crystal clear satellite surveillance, that we can get an infrared readout of that person while they’re inside a concrete bunker. I mean, Tim, am I right? It’s outrageous.

And then, you know, we’re going to overlay a map that appears on an agent’s handheld super gizmo smartphone so that they know exactly where to find them, complete with architectural intricacies of that participant building. I mean, come on, it’s impossible. But we show it happening anyway, every episode.

But this is the part I’m really sorry for, it makes the users you work with believe that you should be able to quickly build an app just as sexy for your business, yeah, one that gathers archaic information — (laughter) — information from 45 legacy systems and 1,200 old school floppy disks, displays all of it like colorful with music and animation; one that reveals full color photographs of every one of your customers, mapped with geographically, you know, maps with zip code and little 3D houses and buildings; who bought your product, Thai food and Pepto Bismol in the last four hours.

They don’t get that, first of all, it’s not possible and even if it was possible it would take a lot more time, I mean, right, Jacob? (Laughter.) Please be here for me.


MARY LYNN RAJSKUB: Whew, a free bird! (Laughter.) I mean, it would take a lot more time and a lot more money than they’re willing to spend, am I right?

So I’m sorry for that.

OK, so we’re not going to stop, of course, because it makes good drama, but I’m sorry that we make it tough on everybody who works in developer teams, especially you three. Could you guys use a hug? (Cheers, applause.) I thought so. OK, go ahead, you guys, hug. (Laughter, applause.) I don’t do that, I don’t let people touch me. (Laughter.) And that was kind of weird, you guys. (Laughter.) C’mon, seriously.

But now Bob Muglia is coming back to tell you about something that really will make your lives easier. Come on, everybody, bring him back out, Bob Muglia, everybody. Thank you, guys, thanks for coming up here.

BOB MUGLIA: So that’s great. But you actually can build all those applications that will look just like that, right?

So let’s talk about our third promise, “Advancing Business with IT Solutions, how can we help you build software that really does deliver for your customers and for your end users.

Again, we think about this in a way where the software all has to work together, the combination of products like Visual Studio, our new Expression suite of designer products, developers and designers working together with IT, building business applications with products like SQL Server and BizTalk; how can they all work together?

And how can they also connect to existing systems, all of the legacy connections that exist, Web service connections or other connections, from mainframes and UNIX systems and Linux systems, whatever you have out there? That’s an important part of the applications that you build, and we’re focused on building software to make that easier.

We’re also focused on building services and capabilities to help you build applications that really bring results, things like SQL Server Reporting Services that can bring to live business data, allowing your people to make the best possible business decisions and really align the solutions that you’re building to your business.

A key part of this is making it as easy as possible to build this software, so that the results can be demonstrated as quickly as possible and you can build solutions that drive business advantage and unique capabilities that your competitors don’t have.

To accomplish this we need to work together with the industry. We need to learn from you — that’s a good part of what this week is about — but we need to also work together with the many, many vendors that build software, provide system integration, that put all of the pieces together that allow you to create these applications. That’s why it’s so important that we provide training such as this event and other training to create a whole ecosystem for creating solutions for your business.

Now, in thinking about this we think about it as multiple stacks, how can the capabilities all fit together. The development process begins and ends across all of these stacks; the developer, the designer process, they’re all critical throughout this, connecting with IT. Data management tools, service-oriented applications and business process, being able to build that infrastructure, the BI pieces to get that data out, the business analysis, being able to create tools that are built in with products like SQL Server together with Office and particularly the new version of Office, Office 2007, to be able to provide analysis capability to your end users like they’ve never seen before.

And then also the ability to create user experiences across a wide variety of devices. More and more the applications that are being built need to run on the Web, they need to run on the Internet, they even may be targeting users with mobile phones and other mobile devices, so having consistent ways of connecting the customers and suppliers across all of that.

It’s all one connected system, and we think about the different roles that are involved in making it successful. The back-end pieces like SQL Server, as I said, are very important, connection to legacy is important, but the development and design process is also critical.

So with that, I’d like introduce Keith Smith to give us a demonstration of some of the new things we’re doing, both in Visual Studio, as well as in the Expression suite for designers. Keith. (Applause.)

KEITH SMITH: Thanks, Bob.

In this demo we’ll be showing how we’re integrating two new roles into the software development lifecycle, database professionals and professional designers. Here we are in Team Data. Let’s say we’ve been assigned a work item to rename a column in our customer’s table. To do so, we’ll navigate down to that table, expand it here, show its columns. And let’s say we want to rename a contact name column. We’ll select it, go to the data menu, choose refactor, and select rename. We’re prompted for the new name; let’s change that to contact full name, and click OK to preview our changes. All that’s left is to click apply and the rename operation is underway.

So rename is much more than a global search and replace, it’s actually a smart operation that knows how to apply this schema update completely and correctly across our entire schema.

BOB MUGLIA: The Visual Studio Team Data is an important SKU because it makes it much easier to work with data information within the database and to manage that database. This is an area where we really needed to move forward with our Visual Studio product line, and this product as a part of Visual Studio really drives forward and brings out the capabilities of SQL Server.

KEITH SMITH: Absolutely. And the rename operation has full support for undo and redo, so if we make a mistake we can quickly back out and try again.

You also notice our entire solution is under version control, so if we find a problem later on it’s easy to roll back the entire application to a last known good state.

Now, this is typically a very error prone, time consuming and tedious task, but using the change management features of Team Data you see we’ve completed it quickly and most importantly correctly.

So now let’s say we want to deploy those changes out to our development servers. This, too, is easy by selecting the data menu, going to schema compare, and choosing a new schema comparison. We can then select our database project as the source schema and the development server as the target and click OK.

So now Team Data will show us all the differences that exist between the two schemas.
We can filter to only show the differences and see what things we need to resolve.
Synchronizing the schemas is just a simple matter of clicking write updates. We’ll select yes, and just like that we’ve quickly synchronized the schemas so that all of our changes are back on our development server.

So now before we put these schema changes into our production environment, it’s probably a good idea to run our unit test. We don’t want to introduce any regression, so running those tests is probably a good idea.

BOB MUGLIA: And having testing at the database level is a key part of the Team Data to allow you to make sure that any changes you do make in the database schema environment are fully consistent and work together with your software before it gets deployed into production.

KEITH SMITH: A very good point.

So here we have our stored procedure test, this unit test for the five newest customers to our procedure. You see it’s written completely in TSQL, it includes a row count test condition down below that essentially checks to make sure that stored procedure returns exactly five rows each time it’s executed. We’re going to test by simply going to the test view, right-clicking on the test and choosing run selection.

At this point the test is executed, sample data is generated, and shortly we see it pass. So now we have higher confidence that the changes that we made to our schema can be put into production without having any unexpected side effects.

BOB MUGLIA: So that’s the database role; let’s take a look at the designer side.

KEITH SMITH: Absolutely.

So here we are in Expression Interactive Designer, also known as EID, and we’re building this rich application that has the graphics capability of the Windows Presentation Foundation baked in.

Our task as a designer is to complete this interface and then hand it off to our developer for bringing it to life.

You can see this design already has some slick animation sequences, and other graphical elements to give it some pizzazz. All we need to do is add a button to our shopping cart that allows the user to confirm the order and then check out.

But this is easily accomplished using EID. First we’ll go to the appropriate section in the UI, so we’re down here in the confirm order grid, and we’ll add a button from our rich palette of controls from Windows Presentation Foundation, and there’s our button up at the top.

So we need to move the button in an appropriate location down in the bottom center of the grid, and to do that I’ll use the layout menu. But before I do that, let me go ahead and bump up the size of our interface so we can see what’s going on here.

BOB MUGLIA: So one of the things about Interactive Designer, Expression Interactive Designer is it’s written using Windows Presentation Foundation, so we take advantage of many of the very rich capabilities that that new graphical interface provides.

KEITH SMITH: Right. So now to change the button to move it in the appropriate location, we’ll go to the layout menu. I just happen to know it should be row 13 and column 1, so let’s change that, and the button moves over.

And now since this is about designer-developer interaction, let’s go ahead and give our button a cool designer or developer friendly ID, so we’ll go ahead and select that. Great, we want to call that button “confirm order.” Developers understand that thing pretty easily. And while we’re at it, we’ll give it a cool user friendly caption. The button doesn’t really mean anything, so we’ll make it confirm order.

Now, we’re almost finished, but the button is still a bit boring and plain. What we want to do is apply the same styling to this button that exists everywhere else in our UI. We can quickly accomplish this by right-clicking on the button, choosing edit style, going to apply resource and then applying the default button style that exists.

So just that quickly we’ve finished up our interface. Now, to hand it off to the developer, all we have to do is click file and save.

BOB MUGLIA: And so this handoff between the designer and the developer is a very critical thing in Expression. The designer is designing the actual user interface and is laying it out in a way that the developer can directly take in Visual Studio and then begin to write code against.

KEITH SMITH: Very good point, and that’s what we see here. Since we’re sharing the exact same project definition files with our designer, Visual Studio has noticed the change that our designer has made and is prompting us to synchronize the files.

So we’ll go ahead and click yes to all and we’re looking at the markup that completely describes the interface. So we can quickly do a search, and there is the confirm order button that our designer added, so as a developer all I have to do is code up the logic behind this button. To do that, I’ll switch to the code view and let’s navigate to the quick events for our confirm order button, and there we go.

So now we need some order processing logic and luckily I have such logic sitting on my toolbox. So I’ll double-click and add that in.

All that’s left is to build the solution, make sure everything works, and then we’ll deploy our application using click-once.

All right, our build succeeded. Publishing an application, we’ll just right-click on the properties for the project, choose publish, and since we’re accepting the defaults I’ll just go ahead and click finish.

Now, click-once is a deployment technology that brings the same simplicity and availability to rich client applications like ours that users have expected from Web applications. So we see that our application has been published, we’ll switch over to our storefront, which we have here, and we see it’s a pretty typical e-commerce site with text and images. What we’re interested in is this online enhanced shopping experience that we just built. So let’s go ahead and start it. After a little click-once magic we arrive in Windows Presentation Foundation nirvana. So we have the videos, they’re pulling us into the site, we have some cool animation that makes using the site more interactive, more fun. We can interact with the items that we’re interested in purchasing in a more sort of immersive way.

One cool thing is rotating and taking advantage of the rich 3-D capabilities of Windows Presentation Foundation, and I can also see how my bike will look as I pass other people on the trail. (Laughter.)

So let me add that to my cart, and I’ll continue my checkout. There we go. And here’s the button. So we click that and we’re finished.

BOB MUGLIA: That’s great. So the designer and the developer working together to build a truly immersive experience for the customer.

KEITH SMITH: Absolutely.

BOB MUGLIA: That’s great. Thanks, Keith.

KEITH SMITH: Thanks, Bob. (Applause.)

BOB MUGLIA: Now, all of these products, Visual Studio, Expression, SQL Server, BizTalk all fit together. With SQL Server 2005, Visual Studio 2005, and the new version of BizTalk we have an incredible set of technologies that allow you to build solutions that will really drive your business forward.

To learn more about this, Steve Guggenheimer will be doing a strategic briefing tomorrow starting at 3:15 to 4:30.