There’s a lot of information posted about Microsoft’s efforts around Infrastructure Optimization, also known as simply IO. This is an interesting way to describe the maturity of an IT Infrastructure and also to provide clues to what would be your next logical step in improving it. Your organization can be at any of the four different maturity levels (Basic, Standardized, Rationalized or Dynamic). Microsoft has worked on three separate models (Core, Business Productivity and Application Platform).
This is all great, but most IT people find it somewhat complex to understand and even a little intimidating at first. I found that the easiest way to quickly grasp the value of these models is to look at a nice table showing the various capabilities and specific requirements at each maturity level. The table below shows that information for the Core IO Model:
| Capability Level |
Basic |
Standardized |
Rationalized |
Dynamic |
|
|
|
|
|
|
|
Identity and Access Management |
No centralized directory service |
Unified Directory Service |
Policy enforced Standard Configuration |
Centrally Managed Identity Services |
|
Multiple directories |
|
Group policy management |
Automated Account Provisioning |
|
|
|
|
|
Secure Network Access for Customers and Partners |
|
|
|
|
|
Federated Services |
|
|
|
|
|
|
|
|
Desktop, Device and Server Management |
Ad-hoc Patching |
Desktop Patching |
Server Patching |
Infratructure Capacity Model |
|
Multiple Desktop Configurations |
Standard Desktop Images |
Automated OS Deployment |
Mobile Device Management and Security at Parity with PC’s |
|
|
No Mobile Device Management |
Two Client OS |
Layered Images |
Dynamic Workload Shifting for Virtual Infrastructure |
|
|
|
Standardized Desktop Applications |
Virtualization |
|
|
|
|
Limited Mobile Device Management |
Current OS Images |
|
|
|
|
|
Mobile Device Management with SLA |
|
|
|
|
|
|
|
|
|
Security and Networking |
No Dedicated Firewall |
Standard Antivirus |
Managed Firewall |
Threat Management and Mitigation Across Client and Server Edge |
|
Limited Network Infrastructure (DNS, DHCP, etc) |
Centralized Firewall |
Host-based Firewalls |
Model-enabled Service Level Monitoring |
|
|
No Standard Antivirus |
Basic Networking Services |
Secure Remote Access |
Automated Quarantine of Non-Compliant or Infected PCs |
|
|
Manual Server Monitoring |
Monitoring Critical Servers |
Secure Wireless |
|
|
|
|
|
Server Monitoring with SLAs |
|
|
|
|
|
Managed WAN |
|
|
|
|
|
|
|
|
|
Data Protection and Recovery |
Ad-hoc Backups |
Backup and Recovery for Critical Servers |
Backup and Recovery for All Servers with SLAs |
Backup and Recovery of Clients with SLA’s |
|
No Recovery Testing |
|
Central Branch Office Backup |
Self service data backup and administration management |
|
|
|
|
|
|
|
|
ITIL/COBIT-based Management Process |
No Formalized Process |
Defined Support Services |
Defined Problem, Change and Release Management |
Business / IT Defined SLA’s |
|
No Commitment to Service Levels |
Document Incident & Problem Response Strategy |
Fully documented Operations |
Proactive and Agile |
|
|
Ad-hoc Support, Problem and Change Management |
Limited Problem, Change and Configuration Management |
Defined Service Levels |
Optimizing Service Delivery |
|
|
|
|
Enhanced Configuration Management |
Improving Service Levels, Business Continuity and Availability |
|
|
|
|
|
|
|
|
Security Process |
Limited Security Accountability |
Accountability to Data Security |
Defined Security Compliance and Automated Audit Tools |
Automated Risk Assessment |
|
No Formalized Incident Response |
Limited Risk Assessment |
RMS |
Managed Network and Data Security Process |
|
|
Limited Access Control |
Password Protection of Data |
Documented Threats and Vulnerabilities |
Automated Security Policy Verification |
|
|
|
Limited Tools and Policy Compliance Automation |
Security Standards for SW Acquisitions |
|
|
|
|
|
|
|
|
If you find the table above interesting, I invite you to further investigate the details about the models, including extensive guides on how to progress from one level to the next. I like the guides, but the best IO-related resource I have seen is a tool to assess your company’s current level by just answering a few questions. With that information at hand, you can get yourself busy with specific activities that will take you to the next level. You can also look at the other two models (the table above covers only the Core IO Model).
For details and access to the guides and assessment tool, check the main IO web site at: http://www.microsoft.com/io
Jose Barreto's Blog 
PingBack from http://world-of-mo.de/2007/08/16/ein-paar-infos-zum-trustedinstallerexe/
LikeLike