September 2004
Windows-based Hosting Solution
Luis Miguel García
Microsoft
Windows-based Hosting 3.0 Goal
The solution provides knowledge, tested best practices, tools, code samples, and scripts to enable you to plan, practice deploying, and then efficiently deploy a high-volume hosting solution using Microsoft technologies.
How Windows-based Hosting version 3.0 Improves the Customer Experience
Monitoring and Reporting
• Monitor server or service failure
• Mine data
• Create customer reports
Centralized Management
• Use Group Policies
• Improve and scale the administration of multiple servers
Update Management
• Provide security alerts
• Apply security updates
• Reconfigure existing servers
Server Purposing
• Build a new server
• Repurpose existing servers
Windows-based Hosting Solution Components (2 of 2)
Hosted Services Components:
• Hosted Exchange 2003 Service and LCS
• Web Hosting
• Data Hosting
• Windows SharePoint® Services Hosting
Windows-based Hosting Solution Components and Technologies Used
Windows-based Hosting solution component | Microsoft technologies used
Server Purposing | Automated Deployment Services (ADS)
Centralized Management | Active Directory®
Update Management | Microsoft Software Update Services (SUS)
Service Provisioning | Microsoft Provisioning System (MPS)
Monitoring and Reporting | Microsoft Operations Manager (MOM)
Web Hosting | Internet Information Services (IIS)
Data Hosting | SQL Server™
Windows SharePoint Services | SQL Server™
Logical Diagram
Active Directory: Recommended Design Single Forest
[Diagram; labels recovered from the figure: Domain Level, Reseller Level, Customer Level; Acmehost.com; Hosting; Admin; Customer1, Customer2, Customer3, Customer4 (each with an Admin); Joebobhost.com (Admin@joebobhost.com); Sallyhost.com (Admin@Sallyhost.com)]
Overview of Hosted Exchange 2003
Hosted Exchange 2003 allows you to offer rich messaging services for consumers and small office/home office and small-to-medium sized enterprises.
You can offer a broad range of services that go from basic e-mail up to higher value services, such as providing additional storage, hosting vanity domains and calendars.
Overview of Hosted Exchange 2003 – User Experience
• Customer isolation in Active Directory®, address lists
• Consumer users
• Clients and protocols
  - HTTP – Outlook® Web Access (OWA)
  - POP3/IMAP4
  - RPC over HTTPS – Outlook 2003
• Automated provisioning
• Delegated administration
• Monitoring and reporting
End-User Experience, Microsoft Outlook: “Rich” Mail Client
• Exchange cached mode shields the end user from possible network problems
• HTTP/HTTPS access from Outlook (no VPN needed)
• MAPI compression on the server and buffer packing
• Ability to monitor performance
• Advanced filters for unsolicited mail
• Safe lists for greater control over unsolicited mail
• External HTML blocked by default
• Kerberos authentication between Outlook and Exchange
End-User Experience, Microsoft Outlook Web Access (OWA): Basic or Premium
• Premium client very close to Outlook 2003
• Better performance
• Basic/advanced modes
• Features: Spellcheck, Tasks, Rules
• Security: S/MIME, timed log-off, address blocking and attachment blocking
End-User Experience, Microsoft Outlook Web Access (OWA): Calendar
End-User Experience, Access from Mobile Devices (Windows Mobile-based)
• Synchronization of mail, tasks and calendar
• AUTD: SMS notification for automatic synchronization
End-User Experience, Access from All Kinds of Mobile Devices: Outlook Mobile Access (OMA)
• Support for HTML, Extensible HTML (XHTML), Wireless Application Protocol (WAP) 2.x, and HTML (CHTML iMode)
• Use e-mail
  - Delete, flag, follow up
  - Compose, forward, reply
  - Access the folder structure
• Find contacts
  - Search the address books
  - Place calls and send messages
• Calendar
  - View and create meetings
  - Accept, tentatively accept, decline
  - Respond to meeting requests or cancellations
• Tasks
  - Update, mark as complete, take notes
• Contacts
  - View and add contacts
Overview of Hosted Exchange 2003 – Solution Contents
• Documentation
  - Pub Studio content viewer
  - PDFs for printing
• Reference architecture
  - Fully prescriptive deployment steps
• Code
  - Provisioning
  - Monitoring and reporting
  - MakeGAlLinked.exe
  - SMTP Domain Event Sink
  - RPC over HTTP profile configuration Web site
• Fully tested
• PSS supported
Steps
Improvements in Back-end Exchange 2003
Improvements related to back-end server deployment include:
• Support for 8-node clustering
• Memory management
• Permissions model
Improvements in Front-end Exchange 2003
Improvements related to front-end server deployment include:
• RPC proxy server
• Outlook Mobile Access (OMA)
• Exchange ActiveSync®
• OWA forms-based authentication
• OWA S/MIME
• OWA compression
Improvements in Client Connectivity
You can give customers more options for accessing e-mail, calendar, and contact information:
• Outlook 2003
• Outlook Web Access 2003
• Outlook Mobile Access
• ActiveSync
You can integrate a self-provisioning Web site for customers with the Hosted Exchange Web service methods and MPS. Through the site, a user could:
• Update their Outlook profile settings.
• Automatically configure their Outlook 2003 to connect directly through the Internet to Hosted Exchange 2003.
Hosted Exchange Services
• Exchange Front-end Servers
  - SMTP: EXSMTP01, EXSMTP02
  - OWA/POP/IMAP and RPC Proxy: EXFE01, EXFE02, EXFE03
• Exchange Back-end Server Cluster (4+1): EXBE01, EXBE02, EXBE03, EXBE04, EXBE05
Exchange Servers
Front-end Exchange Servers
• Eight client access methods
  - Outlook® Web Access (OWA)
  - Outlook Mobile Access (OMA)
  - ActiveSync®
  - Simple Mail Transfer Protocol (SMTP)
  - Post Office Protocol 3 (POP3)
  - Internet Message Access Protocol, version 4 (IMAP4)
  - Full Messaging Application Programming Interface (MAPI)
  - Outlook over the Internet (RPC/HTTP)
• Front-end roles are divided into servers based on the protocols used
Back-end Server Software Requirements
All five nodes of the back-end Exchange 2003 Server cluster must run the following software:
• Microsoft Windows Server™ 2003, Enterprise Edition
• Microsoft Exchange Server 2003, Enterprise Edition
Note: You must install the security update described in the Microsoft Security Bulletin MS03-026 on Windows Server 2003.
Back-end and Front-end Server Architecture
[Architecture diagram; labels recovered from the figure:]
• Networks: Perimeter/Net, FrontNet, BackNet, BackUp-Build-Net
• Border Router
• Perimeter Firewall Services: Packet and Port Filtering, SSL Termination, Stateful Inspection, Application Filtering
• Platform Services
• Web and Data Hosting
• Hosted Exchange Services
• Exchange Front-end Servers
  - SMTP: EXSMTP01, EXSMTP02
  - OWA/POP/IMAP and RPC Proxy: EXFE01, EXFE02, EXFE03
• Exchange Back-end Server Cluster (4+1): EXBE01, EXBE02, EXBE03, EXBE04, EXBE05
• Web Hosting: WEB01
• External DNS: DNS01, DNS02, DNS03, DNS04
• Patch Management: SMS01
• Provisioning Front-end: PROV01
• Backup and Restore
• Data Hosting: Shared SQL01, Dedicated SQL02
• Monitoring and Reporting: MOM01, MOMSQL01
• Active Directory: AD01, AD02
• Service Provisioning: MPS01
• Server Purposing: ADSC01
RPC over HTTP Ports
Considerations for Defining Service Level Agreements
• Defining service level and service level agreements (SLAs)
• Considerations for Exchange Server requirements
• Considerations for monitoring and reporting requirements
• Considerations for provisioning requirements
Real-Time Collaboration: Vision
Connect people and information in real time, increasing business efficiency and speeding up decision-making
• Multimodal collaboration
• Easy to use, integrated with existing applications, and extensible
• Integrated with the existing infrastructure
• Availability
• Security
Platform: Client
[Diagram; labels recovered from the figure: Client API; Windows Messenger 5.0; Third-party Client; Third-party Automation; SIP; Third-party Application; Third-party Script]
Simple user experience
Windows Messenger 5.0 integrates different session types:
• Audio/Video
• Application Sharing
• Remote Assistance
• Instant Messaging
• Notifications
• Presence
• File Transfer
• Whiteboarding
Platform: Server
[Diagram; labels recovered from the figure: Client API; Windows Messenger 5.0; Third-party Client; Third-party Automation; SIP; Third-party Application; Third-party Script]
Based on SIP
• Simple protocol that provides location, negotiation and management
• Functions
  - INVITE, ACK, BYE, CANCEL, OPTIONS, REGISTER
  - SUBSCRIBE, NOTIFY, MESSAGE
• Requires a client and a server
  - Session and state are maintained by the endpoints
  - User Agent: UA Client, UA Server
  - Registrar, Redirector and Proxy (server functions)
• Other protocols used within SIP
  - Session Description Protocol (SDP)
SIMPLE Extensions
• Alternative to Wireless Village (IMPS) and XMPP (Jabber)
• Supported by Microsoft, IBM, Sun, Oracle, Cisco, Avaya, dynamicsoft, Nokia, Ericsson, Nortel
• A framework for event notifications
  - Presence changes are the focus, but it can be applied to a wide range of events
  - PUBLISH: Allows client to inform server of event
  - SUBSCRIBE: Creates a subscription to changes in some state
  - NOTIFY: Informs subscribers of the event change
  - CPIM-PIDF: XML format for conveying presence information (carried in the NOTIFY)
  - RPID: Extensions to CPIM-PIDF for richer presence such as location information
    http://www.ietf.org/internet-drafts/draft-ietf-simple-rpid-00.txt
• A mechanism for sending instant messages
  - MESSAGE: Carries the instant message. Defined in RFC3428
    http://www.ietf.org/rfc/rfc3428.txt
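The NOTIFY-carries-PIDF relationship listed above can be seen by parsing one such message. This is an added example, not part of the original presentation: the message, addresses and tags are constructed, and the `Event: presence` header, the `application/pidf+xml` content type and the PIDF namespace come from RFC 3856 and RFC 3863 rather than from the slides.

```python
import xml.etree.ElementTree as ET

PIDF_NS = "{urn:ietf:params:xml:ns:pidf}"  # PIDF namespace (RFC 3863)

# Constructed presence document (addresses are made up).
SAMPLE_PIDF = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    '<presence xmlns="urn:ietf:params:xml:ns:pidf" entity="pres:bob@example.com">'
    '<tuple id="t1"><status><basic>open</basic></status>'
    '<contact>sip:bob@pc1.example.com</contact></tuple>'
    '</presence>'
)


def build_notify(body, event="presence"):
    """Assemble a constructed NOTIFY carrying `body` (helper for the sample)."""
    head = [
        "NOTIFY sip:alice@example.com SIP/2.0",
        "From: <sip:bob@example.com>;tag=1111",
        "To: <sip:alice@example.com>;tag=2222",
        "Call-ID: constructed-call-id@example.com",
        "CSeq: 2 NOTIFY",
        f"Event: {event}",
        "Subscription-State: active;expires=3600",
        "Content-Type: application/pidf+xml",
        f"Content-Length: {len(body.encode('utf-8'))}",
    ]
    return "\r\n".join(head) + "\r\n\r\n" + body


def parse_sip(raw):
    """Split a SIP request into (method, headers, body); header names lower-cased."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method = lines[0].split(" ", 1)[0]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, headers, body


def presence_from_notify(raw):
    """Return (entity, {tuple id: basic status}) from a presence NOTIFY.

    Raises ValueError for anything that is not a well-formed presence
    notification, so a caller never acts on a half-parsed message.
    """
    method, headers, body = parse_sip(raw)
    if method != "NOTIFY" or headers.get("event", "").split(";")[0] != "presence":
        raise ValueError("not a presence NOTIFY")
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "application/pidf+xml":
        raise ValueError("unexpected content type")
    if headers.get("content-length") != str(len(body.encode("utf-8"))):
        raise ValueError("Content-Length does not match body")
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        # PIDF needs no DTD; refuse one instead of letting the parser expand entities.
        raise ValueError("DTD not allowed in PIDF body")
    try:
        root = ET.fromstring(body.encode("utf-8"))
    except ET.ParseError as exc:
        raise ValueError(f"malformed PIDF: {exc}") from exc
    if root.tag != PIDF_NS + "presence":
        raise ValueError("root element is not a PIDF presence document")
    statuses = {
        t.get("id"): t.findtext(f"{PIDF_NS}status/{PIDF_NS}basic")
        for t in root.findall(PIDF_NS + "tuple")
    }
    return root.get("entity"), statuses
```
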
Integration with Traditional Telephony
Server: Requirements
• 2 x processors (1.4 GHz)
• Network: 100 Mb/sec
• 2 GB RAM
• Disk: 2 x 40 Gb Ultra2 SCSI RAID 0
Total number of users | Required number of home servers | Recommended number of front-end servers | Maximum number of users per home server
1,000 | 1 | N/A | 10,000
5,000 | 1 | N/A | 10,000
10,000 | 1 | N/A | 10,000
20,000 | 2 | 1-2 | 10,000
30,000 | 4 | 1-2 | 7,500
50,000 | 8 | 2 | 6,500
100,000 | 16 | 2 | 6,500
150,000 | 24 | 4 | 6,500
Platform: Extensibility
[Diagram; labels recovered from the figure: Client API; Windows Messenger 5.0; Third-party Client; Third-party Automation; SIP; Third-party Application; Third-party Script]
Integration Examples
• Intelligent agent: SQL Server for Notification Services and alerts (helpdesk alert service)
• Routing of calls that arrive outside working hours to an answering system
• Definition of a virtual contact that routes the call to an available contact (HelpDesk)
Web Hosting Benefits
Benefit | Description
Increased Web server reliability and availability | IIS 6.0 features a new, fault-tolerant architecture with health monitoring and process recycling that significantly increases the reliability of your Web server infrastructure.
Easier server management | IIS 6.0 features new management tools that reduce the time it takes to manage your Web server infrastructure, including a plain text XML configuration file that can be modified without having to stop the server.
Server consolidation | IIS 6.0 is a highly-scalable Web server that provides new opportunities for Web server consolidation and enables more applications to be hosted on a single server.
Faster application development | With Windows Server 2003 and IIS 6.0, application developers benefit from a single, integrated application hosting environment and a broad choice of languages for rapid application development.
Increased security | IIS 6.0 provides improved security for Web servers. IIS 6.0 is locked down by default, limiting the attack surface area through aggressive security defaults.
Web Hosting
Windows-based Hosting 2.0 addresses these new Windows Server 2003 technologies:
• IIS 6.0
• ASP.NET
• NAS/UNC
• POP3
• SMTP
• FTP / FrontPage content publishing to same content hierarchy
• FTP user isolation support
Web Hosting Scenarios
The scenarios below describe the most likely configurations for service providers:
• Discount Dedicated Hosting: The host running IIS is dedicated to the exclusive use of one customer and there is no Active Directory management of the server or users.
• Managed Dedicated Hosting: The host running IIS is dedicated to the exclusive use of one customer and Active Directory may be used by the service provider to manage the server, but not the users.
• Shared Web Hosting: The host running IIS is shared by multiple customers and Active Directory is used to manage the server and the users. IIS deployments are configured to use Windows Authentication mode. When IIS is integrated with Active Directory in this way, only users with a valid Active Directory account can connect.
• Application Hosting: The service provider offers either shared or dedicated Web hosting services and uses Active Directory to manage the server and users. The Web sites hosted in IIS will often be integrated with other applications. IIS deployments are configured to use Windows Authentication mode because Active Directory is used to manage both the server and the users.
Steps
Internet Information Server (IIS) 6.0 Architecture
[Architecture diagram; labels recovered from the figure: WWW Service; Config Mgr; Process Mgr; HTTP.sys; Web Garden; W3WP.exe; ISAPI Extensions (ASP, etc.); ISAPI Filters; Application Pool 1; Application Pool 2; ASP.NET ISAPI; CLR Application Domain; INETINFO; metabase]
Web Gardens and Processor Affinity
• Web Gardens
  - Application pool with multiple worker processes
  - Connection-based routing within garden
• Processor affinity
  - Bind processes to one or more CPUs
  - Mask-based configuration
[Diagram; labels recovered from the figure: HTTP.sys; WWW Service; Web Garden Application Pool; Worker Process; ISAPI Extension; ISAPI Filter]
Web Hosting Security Overview
• IIS 6.0 not installed by default
  - Except Web Server Edition
• Web Service Extensions
  - Deny all undefined ISAPI and CGI
• Improved NTFS permissions
• Default Web site is static content only
• URLScan-like rules enforced by default in http.sys
• Undefined MIME types are not delivered
• Applications do not run as System
Overview of Data Hosting
• Provide Data Hosting services to customers on dedicated servers, shared servers, or both.
• Keep customer data secure by using one of two authentication models:
  - The authentication method you choose impacts your SQL Server deployment for both user authentication and the account under which the SQL Services run.
• When you deploy SQL Server, choose between Windows Authentication Mode and Mixed Mode. Active Directory is required for Windows Authentication Mode and is optional for Mixed Mode.
• Deploy Shared or Dedicated Servers.
Data Hosting Benefits
Benefit | Description
Clickstream analysis | Gain a deep understanding of online customer behavior, so that you can make better business decisions.
Distributed partitioned views | Partition your workload among multiple servers for additional scalability.
High availability | Maximize the availability of your business applications with log shipping, online backups, and failover clusters.
Security | Ensure your applications are secure in any networked environment, with role-based security and file and network encryption.
Simplified database administration | Automatic tuning and maintenance features enable administrators to focus on other critical tasks.
Application hosting | With multi-instance support, SQL Server enables you to take full advantage of your hardware investments so that multiple applications can be run on a single server, or outsourced.
Steps
Data Hosting Deployment Scenarios: Shared and Dedicated
• Shared: one SQL Server shared by multiple customers
  - Customers usually have some restrictions on how they access this server, and what SQL functionality is available
  - For example, the Microsoft Distributed Transaction Coordinator (MSDTC) may be disabled.
• Dedicated: one SQL Server per customer
  - Windows-based Hosting solution doesn’t recommend placing IIS and SQL Server on the same server
  - Customers typically have more freedom to use all the functionality of SQL Server (unless managed by service provider, in which case some restrictions may apply)
Book 7: Data Hosting in Volume 2: Windows-based Hosting Technologies. See section “Deployment Options”.
Data Hosting Deployment Scenarios: Active Directory Considerations
• Uses User and Computer Management
  - Offers the most secure and scalable management model for SQL Server hosting
  - Reference architecture recommendation
• Could use Active Directory for SQL Server Administration and Computer management and SQL Security for users
• Active Directory performs authentication for SQL Server users
  - Domain-based model (requires domain controller)
  - Administration and security through Active Directory
  - SQL permissions granted to accounts in Active Directory
  - Reference architecture recommendation
• Other Models: Mixed, Stand-alone
Book 7: Data Hosting in Volume 2: Windows-based Hosting Technologies. See sections “Directory Considerations” and “Directory Models”.
Data Hosting - Network Configuration and Security for SQL
• SQL ports necessary for discovery and connection to the server are only accessible from servers located in your data center
• Reference architecture doesn’t support external connectivity directly to SQL Server
• Provides Enterprise Manager access to customer databases, without opening SQL ports to the Internet
• Offer Virtual Private Network (VPN), through firewalls, for customer applications that need access, from the Internet, to internal databases
• Firewall port configuration
  - Outside of reference architecture
  - Allows Enterprise Manager or application access through firewall
• Reference architecture uses Active Directory
  - SQL Server must communicate with an Active Directory domain controller
  - Ensure any firewall between SQL Server and the Active Directory domain controller is configured appropriately for Active Directory authentication traffic
Book 7: Data Hosting in Volume 2: Windows-based Hosting Technologies. See sections “Network Considerations,” “Network Security,” and “Customer Access to Enterprise Manager”.
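One way to check the rule stated on this slide, that SQL ports are reachable only from inside the data center, is to audit the firewall rule set for allow rules that break it. This is an added example, not part of the original presentation: the rule format, addresses and rules are constructed, SQL01 and SQL02 are the server names from the architecture slide, and TCP 1433 and UDP 1434 are the SQL Server default ports, which the slides do not name.

```python
import ipaddress
from dataclasses import dataclass

# Assumption (not named on the slides): SQL Server default ports,
# TCP 1433 for client connections and UDP 1434 for instance discovery.
SQL_PORTS = (("tcp", 1433), ("udp", 1434))

# Constructed addressing plan: data-center range and SQL host addresses.
DATACENTER_NETS = [ipaddress.ip_network("10.10.0.0/16")]
SQL_SERVERS = {"SQL01": "10.10.30.11", "SQL02": "10.10.30.12"}


@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    src: str      # source CIDR
    dst: str      # destination CIDR
    ports: tuple  # inclusive (low, high) destination port range


def _net(cidr):
    return ipaddress.ip_network(cidr)


def matches_port(rule, proto, port):
    return rule.proto in (proto, "any") and rule.ports[0] <= port <= rule.ports[1]


def src_in_datacenter(rule):
    # A source range counts as internal only if it lies wholly inside the data center.
    return any(_net(rule.src).subnet_of(dc) for dc in DATACENTER_NETS)


def shadowed_by_deny(rule, earlier, host, proto, port):
    """True if an earlier deny already drops all of rule's sources (first match wins)."""
    return any(
        e.action == "deny"
        and matches_port(e, proto, port)
        and host in _net(e.dst)
        and _net(rule.src).subnet_of(_net(e.src))
        for e in earlier
    )


def audit(rules):
    """Return (rule, server, proto, port) for allow rules exposing a SQL port externally."""
    findings = []
    for i, rule in enumerate(rules):
        if rule.action != "allow" or src_in_datacenter(rule):
            continue
        for server, addr in SQL_SERVERS.items():
            host = ipaddress.ip_address(addr)
            if host not in _net(rule.dst):
                continue
            for proto, port in SQL_PORTS:
                if matches_port(rule, proto, port) and not shadowed_by_deny(
                        rule, rules[:i], host, proto, port):
                    findings.append((rule.name, server, proto, port))
    return findings


# Constructed rule set, evaluated top to bottom.
RULES = [
    Rule("web-to-sql", "allow", "tcp", "10.10.20.0/24", "10.10.30.0/24", (1433, 1433)),
    Rule("deny-partner-sql", "deny", "any", "203.0.113.0/24", "10.10.30.0/24", (1, 65535)),
    Rule("partner-reporting", "allow", "tcp", "203.0.113.0/24", "10.10.30.11/32", (1433, 1433)),
    Rule("legacy-any-high", "allow", "any", "0.0.0.0/0", "10.10.30.12/32", (1024, 2000)),
    Rule("default-deny", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", (1, 65535)),
]
```

In the sample, `partner-reporting` is not reported because the earlier deny fully covers it, while `legacy-any-high` is reported for both ports: a wide port range opened for another purpose is the usual way a SQL port ends up exposed.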
Windows SharePoint Services Overview
Windows SharePoint Services Hosting allows you to create Web sites for information sharing and document collaboration.
Windows SharePoint Services is a component of the Windows Server 2003 information worker infrastructure that:
• Provides team services and sites to Microsoft Office System and other desktop programs.
• Serves as a platform for application development.
Windows SharePoint Services Benefits
Benefit | Description
Advanced file sharing | Windows SharePoint Services supplies Web sites with document storage and retrieval with check-in and check-out functionality, version history, custom metadata, and flexible, customizable views.
Information management | SharePoint sites store event calendars, contacts, Web links, discussions, issues lists, announcements, and more.
Configurable user control | You can grant users the ability to create sites, control site membership, monitor site usage directly, and moderate content submissions. Users can create and share site templates.
Tracking and quota management | Despite the authority delegated to users, Windows SharePoint Services enables you to track which sites are created, who owns them, how long a site has gone unused, and so on.
Enterprise scalability | Deploy Windows SharePoint Services in server farms that support tens of thousands of sites and can handle hundreds of thousands of users. Windows SharePoint Services supports load balancing for Web servers and server clustering technology for all data.
Choice of management channels | You can manage and configure Windows SharePoint Services by using a Web browser or command-line utilities. You can also manage server farms, servers, and sites by using the Microsoft .NET Framework–based object model and Web services.
What’s New in Windows SharePoint Services
The newest version of Windows SharePoint Services Hosting includes the following new features:
• A Microsoft Provisioning Service (MPS) provider, allowing better integration between Windows SharePoint Services and MPS
• Changes to quota template usage, including the use of storage-based quotas and site-based quotas (except in shared deployments)
Windows SharePoint Services Architecture
Microsoft’s Hosting Solutions
• Windows Shared Hosting Accelerator:
  - Scalable, feature-rich Web hosting offering for Windows Server 2003
  - Free for hosters
  - Delegated admin (security, data, Web logs)
  - Better technical guidance, tools and best practices
• Windows-based Hosting Discussions community forums:
  - Answers on technical configuration, deployment, and operations management of Windows-based Hosting services for administrators of hosting services
  - Managed and monitored by the Microsoft Solution Group
  - Information on the Windows-based Hosting solution, the Solution for Hosted Exchange, Shared Web Hosting Deployment Guide, IIS, SQL and ASP.NET
• Shared Hosting Deployment Guide:
  - Guidance to deploy Windows Server 2003 and SQL Server 2000 in a shared Web hosting environment
  - Simple, practical, procedure-based guidance on configuration, deployment, and troubleshooting
• Hosted Exchange 2003:
  - Hosting platform for service providers to offer Rich & Basic e-mailboxes (OWA, OMA, MAPI, POP3)
  - Collaboration Services
© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.