System Center 2012 Suite

System Center 2012 Suite

Configure and manage apps, services, computers, and VMs

The Microsoft System Center suite recently underwent a major overhaul. All the products in the suite have been revised and are being released as part of Microsoft System Center 2012. System Center is a collection of products designed to help IT professionals configure and manage applications, services, computers, and virtual machines (VMs) in midsized to large enterprises. Each product in the System Center line lets IT pros manage greater numbers of applications, services, computers, and VMs than they would otherwise be able to. Although most people are aware of Microsoft System Center Operations Manager and System Center Configuration Manager, System Center 2012 is composed of a total of eight System Center products:

  • Orchestrator
  • Virtual Machine Manager
  • App Controller
  • Operations Manager
  • Configuration Manager
  • Endpoint Protection (included with Configuration Manager)
  • Service Manager
  • Data Protection Manager

With the release of System Center 2012, you can install all the components from a single unified installer, as Figure 1 shows. It's also possible to deploy the components in the traditional manner, one product at a time.

 Figure 1: Using Microsoft System Center 2012 Unified Installer
System Center 2012 provides several general improvements in all the revised products. These improvements include:

  • All products in the System Center 2012 suite are designed with interoperability in mind.
  • All products now use a standard UI that was present in more recent versions of System Center products, such as Service Manager, but that wasn't available in older products, such as Configuration Manager.
  • Products have similar infrastructure requirements. All versions support the same SQL Server back end, which means that organizations no longer need to support different versions of SQL Server to support their System Center infrastructure. All versions can be installed on Windows Server 2008 R2 without requiring you to download a substantial number of extra components.
  • All System Center products are now designed to be deployed within VMs running on supported hypervisors.
  • All System Center products have improved PowerShell support. Newly created PowerShell cmdlets let you accomplish almost all of the tasks available in each product's GUI. Some products include more than 100 new PowerShell cmdlets.
  • Improved role-based access control (RBAC) functionality lets you delegate the ability for people to perform specific management and monitoring tasks without giving them unnecessary privileges.

Let's take a look at each of the eight System Center 2012 products. Understanding how each of the components works, what's new in each product, and how each component fits into the System Center suite as a whole can help make your life as an administrator much easier.

Operations Manager

Operations Manager is the System Center monitoring solution. Operations Manager is one of the products in the System Center suite that most IT pros are familiar with, and many administrators have deployed Operations Manager 2007 R2 or its predecessors on the networks they manage.

You can use Operations Manager to monitor the performance and diagnostic output of applications, services, servers, clients, and network devices. You configure Operations Manager to generate alerts to notify you when a particular condition occurs (e.g., a service failing, a disk queue length counter falling outside a specific set of values). Through Microsoft's acquisition of AVIcode and its integration into Operations Manager, you can also use Operations Manager 2012 to carry out performance monitoring and diagnostics of .NET and JEE applications.

Operations Manager 2012 lets you do the following:

  • Monitor service, application, server, and network device availability
  • Monitor server performance, raising alerts when performance counters exceed or fall below specific thresholds
  • Monitor service, application, server, and network device diagnostic information
  • Monitor heterogeneous environments with computers running Windows, UNIX, and Linux OSs
  • Monitor services and applications across traditional deployments, as well as private and public clouds
  • View service and application dependency information across multiple locations, including both public and private clouds

The key to using Operations Manager is adding management packs. Management packs are collections of stored wisdom about specific products so that Operations Manager alerts are generated for things that you, as someone who manages that product, need to know about. For example, the Exchange Server 2010 Monitoring Management Pack for Operations Manager includes the Exchange team's knowledge about the product, including what circumstances warrant raising an alert to get an IT pro's attention.

Operations Manager management packs exist for all major Microsoft products (see Figure 2). Many third-party vendors of products that run on Microsoft platforms also publish management packs. For vendors that don't provide management packs to support their products directly, there's also a vibrant third-party management pack authoring industry. If you can't find a management pack for your product, Operations Manager includes tools you can use to create one yourself.

Figure 2: Built-in Operations Manager management packs

Configuration Manager

Microsoft System Center Configuration Manager (SCCM), formerly Microsoft Systems Management Server (SMS), is another well-known System Center product. System Center 2012's new Configuration Manager lets you manage the deployment and configuration of servers, clients, and devices on your organization's network.

You can leverage Configuration Manager to do the following:

  • Deploy customized server and client OSs
  • Deploy Microsoft and third-party applications to Configuration Manager clients
  •  Deploy software updates for Microsoft OSs and applications, as well as deploy updates to third-party applications
  • Generate an inventory of all hardware devices installed on Configuration Manager clients
  • Generate an inventory of the software configuration of Configuration Manager clients
  • Determine how often specific applications deployed to clients are actually being used, through software metering
  • Determine if the configuration of Configuration Manager clients meets a particular baseline, including application version, update installation, registry key settings, and the presence of specific files
  • Deploy and manage endpoint protection, including anti-malware and firewall configuration, through System Center Endpoint Protection 2012
  • Improve mobile device management, including management of devices running iOS and Android

Configuration Manager 2012 includes the ability for organizations to be more user-centric in the deployment of applications. You can configure Configuration Manager so that an application follows a user, no matter which device he or she is using. For example, the application might deploy as a traditional MSI (Windows Installer file) on the user's primary machine, stream through App-V when the user is logged on at another computer, and have a special version delivered to the user's phone. Figure 3 shows the Configuration Manager security roles.

Figure 3: Configuration Manager security roles

Endpoint Protection

With the release of System Center 2012, Microsoft Forefront Endpoint Protection has been folded into Configuration Manager to let you manage software updates, anti-malware software deployment, and anti-malware and firewall configuration from a single console.

Endpoint Protection anti-malware policies let you configure the following, as Figure 4 shows:

  • Scheduled scan type, time, scan-when-idle, force definition update before scan, and limiting scan CPU utilization
  • Scan targets, including email and attachments, removable USB drives, network drives, and archived files
  • Real-time protection, including downloaded files, protection against network exploits, behavior monitoring, and script scanning
  • Excluded files, folders, file types, and processes
  • Whether restore points are created before disinfecting machines and how long to wait before deleting quarantined files
  • Definition update frequency and whether to obtain updates from other sources in the event that the Configuration Manager server can't be contacted

Figure 4: Configuring an antimalware policy
A big benefit of the System Center 2012 release is related to licensing, with Endpoint Protection being included in a Core Client Access License (CAL). Therefore, if you have a license to use Configuration Manager with a client, it includes an Endpoint Protection license.

Data Protection Manager

Data Protection Manager (DPM) is Microsoft's enterprise backup solution. You can use DPM to ensure the reliable backup and recovery of Microsoft workloads, such as Exchange Server, SQL Server, Dynamics CRM, SharePoint, and Windows server and client. You can also back up third-party applications with DPM 2012, as long as there's an appropriate Volume Shadow Copy Services (VSS) writer.

New versions of DPM tend to provide the product with a broader workload, such as DPM 2010's inclusion of remote client backup and Hyper-V item-level recovery. One of the big new features for DPM 2012 is the ability to manage multiple DPM 2012 servers through a single Operations Manager 2012 console. This addresses a limitation in previous versions of DPM in which administrators needed to log on to multiple DPM servers when managing data protection across large environments because each DPM server was limited to protecting 100 production servers, 3,000 clients, and 2,000 SQL Server databases. Beyond what's available in the recently released DPM 2010, DPM 2012 also offers optimized SharePoint item-level recovery, improved reporting, and the ability to be granular with permissions through RBAC. Figure 5 shows the new DPM console.

Figure 5: DPM console

Virtual Machine Manager

Virtual Machine Manager (VMM) is Microsoft's enterprise virtualization solution. VMM goes beyond the capabilities available in the Hyper-V console that's built in to Windows Server 2008 R2 and Windows Server 2008 and lets you manage all VMs in the enterprise. VMM 2012 has a functionality focus that reflects Microsoft's Private Cloud strategy. VMM 2012 provides more than just VM management capability. Figure 6 shows the VMM console.

Figure 6: VMM console

You can use VMM 2012 to accomplish the following goals:

  • Manage VMs across multiple hypervisors
  • Create and manage clouds, services, host groups, and VMs
  • Manage third-party hypervisors, including Xen and VMware
  • Perform live physical-to-virtual migrations
  • Perform live VM migration from one hypervisor to another
  • Rapidly provision VMs based on templates
  • Leverage intelligent workload placement based on target hypervisor capacity and performance load
  • Manage virtual network and storage pools
  • Use the Server Application Virtualization (App-V) feature to simplify deploying server applications by creating a portable server application image
  • Define multi-tier services that consist of VMs and applications, and then deploy them to the fabric as simply as you would a traditional VM template in earlier versions of VMM

App Controller

App Controller is a new product in the System Center line that lets you configure self-service management of applications hosted on both public and private clouds. App Controller works by letting you delegate role-based views and control of your organization's VMM 2012 private cloud services and Windows Azure services. For example, a user who is delegated the appropriate App Controller role can migrate cloud-based applications between private and public clouds. You can install App Controller only on a computer that has the VMM 2012 console.

App Controller lets you create a library of templates for services that have predefined configuration values. Depending on the role assigned to a user, the user can use the App Controller self-service portal to spin up cloud-based applications based on these templates. App Controller uses a web-based portal rather than a traditional System Center management console. Figure 7 shows the App Controller console.

Figure 7: App Controller console

Service Manager

System Center Service Manager is Microsoft's service desk solution. Service Manager fully integrates with other products in the System Center suite. For example, you can leverage the intelligence stored in products such as Operations Manager and Configuration Manager to automatically populate a service desk job with diagnostic and configuration information as a way to help IT pros resolve tickets.

You can do the following with Service Manager:

  • Use it as a standard IT service desk job tracking system; Service Manager lets you track job resolution against differing service level agreements (SLAs) to determine if your service desk is meeting its targets
  • Leverage SQL Server Reporting Services (SSRS) to generate sophisticated reports on the problems resolved by the IT service desk
  • Track specific unit costs for storage, network, and compute resources in private cloud scenarios
  • Integrate with Operations Manager to automatically log service desk jobs and notify the appropriate staff when Operations Manager raises an alert
  • Automatically resolve some types of service requests without requiring the intervention of an IT pro
  • Configure other service request types to be processed after approval is given by appropriate service desk staff
  • Integrate with Configuration Manager to allow self-service software deployment; leverage Configuration Manager to view software and hardware inventory of specific users or computers when investigating a service desk request
  • Integrate with VMM to allow sophisticated self-service VM deployment
  • Utilize new Service Catalog and Release Management features
  • Provide third-party access to the Service Manager Data Warehouse

You can build sophisticated workflow processes into Service Manager. For example, you can configure a self-service portal so that users are able to request applications from a certain list that will install automatically and other applications that will install subject to approval. The approval process is handled through Service Manager and can be as sophisticated or as streamlined as necessary.


Orchestrator, formerly known as Opalis, lets you automate and integrate all of the other System Center products. It isn't a server in the sense that products like Configuration Manager and Operations Manager are but is instead a tool that lets you tie everything together with a specific focus on orchestrating the System Center 2012 suite. Orchestrator uses a drag-and-drop interface for building automation sequences known as runbooks. For example, you can use Orchestrator to create a runbook that, triggered by an alert in Operations Manager, uses VMM to deploy a VM from a template, uses Configuration Manager to deploy software to the new VM, configures DPM to automatically protect data sources on the new VM, and then logs all the details as a completed job in Service Manager. Figure 8 shows an Orchestrator runbook.

Figure 8: Orchestrator runbook

The benefit of Orchestrator to IT pros is that it allows automation without the complexity of creating elaborate scripts in PowerShell. The drag-and-drop interface makes automating common tasks across the System Center suite simple. It takes very little time for even the most script-o-phobic IT pro to create effective and functional runbooks.

Orchestrator uses integration packs, which are collections of discrete tasks, such as Create VM from Template, Add Computer to Collection, Start/Stop Service, or Run Program. Orchestrator also includes tools that let you create your own integration packs. Because Opalis was originally a third-party product before Microsoft acquired it, several third-party vendors such as VMware and IBM Tivoli have created Orchestrator integration packs for products that run on Windows.

You can also call Orchestrator runbooks directly from System Center Service Manager. Therefore, support staff can directly trigger complex jobs from the Service Manager console. More important, end users who have the appropriate privileges can trigger Orchestrator runbooks from self-service portals. For example, a DBA could use a Service Manager self-service portal to trigger a backup snapshot to be taken of a database prior to making changes, without having to contact the DPM administrator to perform the task.


Unlike earlier versions of the System Center products, in which each product could be purchased separately, Microsoft plans to sell System Center 2012 as a bundle and not as separate products. System Center 2012 will be available in Standard and Datacenter editions. Both editions include the same eight products. The difference is that the Standard edition supports two OS environments. These environments can be VMs or physical machines, either on premises on in the public cloud. The Datacenter edition supports an unlimited number of on-premises OS environments or eight OS environments in a public cloud environment. Microsoft claims that half of existing customers that deploy System Center products deploy the entire suite, so this approach of including everything is likely to simplify licensing for most organizations.

Licenses are necessary only for the endpoints being managed. For example, the same license will cover managing, backing up, and orchestrating a file server, or a server with SQL Server installed, or Exchange, or Dynamics, and so on.

Although the most efficient way to license large numbers of client computers is through the Core CAL and Enterprise CAL suites, System Center-specific client licensing comes in three flavors:

  • Configuration Manager clients can be licensed on a per-user or per-OS environment basis, or in the Core CAL or Enterprise CAL suites.
  • Endpoint Protection is available on a per-user or per-device basis, or in the Core CAL or Enterprise CAL suites.
  • System Center Client Management Suite is also available on a per-user or per-OS environment basis, as well as in the Enterprise CAL suite. It includes licensing for DPM, Operations Manager, Service Manager, and Orchestrator.

For more information, see the Microsoft System Center 2012 licensing page.

Looking Ahead

If leveraged properly, System Center 2012 can fundamentally change the relationship between the IT department and the rest of the organization. Integration between Service Manager, Orchestrator, and other products will let IT departments provide web portals to offer a large number of services automatically that in the past would have required the direct intervention of IT pros. Users can directly request software and services, and the IT department can create workflows in which direct approval can be granted when necessary and automatically when appropriate.

The increased PowerShell support in System Center 2012 and the simplicity with which sophisticated automation can be created through Orchestrator runbooks mean that IT pros can automate a growing number of complex tasks. These changes will allow IT pros to accomplish more with less and will help change the IT strategy from reactive to proactive.

At the Microsoft Management Summit (MMS) 2011 last March, Microsoft announced that the company would continue to release System Center products in a coordinated fashion. Microsoft also stated that releases of System Center products would be more frequent, with the sort of gap between the release of major versions of Operations Manager and Configuration Manager a thing of the past. These assertions suggest that the next revision of all products in the System Center suite will occur sometime in the 2014-2015 timeframe.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.