Windows XP
Migration
Yasser, Microsoft
&
Sanjeev Bhor, Dell
Solutions Road Show 2013
10 – 13 December 2013 | India
Moving to
Modern OS
Yasser A Ahmed
Tech. Solutions Professional – Windows Client and Devices
Microsoft India
On April 8, 2014 Windows XP will reach
the end of support lifecycle and will no
longer be supported.
Windows XP
Launch
Windows XP SP3
Launch
Windows XP SP3
End of Support
October
2001
April
2008
April 8
2014
Thank you for being a Windows XP
Customer!
Start Moving from Windows XP today
Retire
Workstyle 2001
Today…..
anywhere, anytime expectations
BYOD goes mainstream
dynamic, connected, global
environment businesses at crossroads
Top Three Reasons to Retire Windows XP
and move to a Modern OS today!
1
Get Value today. Get Modern.
Windows 7
“Windows 7 has
gotten positive reviews, and
many Gartner clients are now
in the midst of their
production deployments.” Gartner
2
Eliminate Risks of
Windows XP End of Support
3
Deployment is easier
than you think
Windows 8
Organizations that continue to
retain a Windows XP environment not only are
leaving themselves exposed to security risks
and support challenges but also are wasting
budget dollars that would be better used in
modernizing their IT investments.” - IDC
Whitepaper (May 2012)
Risks
• Lack of support from ISVs and OEMs for the
new applications and PC hardware
• Security and compliance issues running
unsupported software
• Need to purchase expensive custom support
• Office 2013 does not work with Windows XP
• Deployment tools, guidance and best
practices on Springboard /TechNet
• Windows 8 Evaluation edition
Accelerate
Top Three Reasons to Retire Windows XP
and move to a Modern OS today!
1
Get Value today. Get
Modern.
Window
s7
“Windows 7 has
gotten positive reviews, and
many Gartner clients are now
in the midst of their
production deployments.” Gartner
2
Eliminate Risks of
Windows XP End of
Support
3
Deployment is
easier than you
think
Window
s8
Organizations that continue to
retain a Windows XP environment not only are
leaving themselves exposed to security risks
and support challenges but also are wasting
budget dollars that would be better used in
modernizing their IT investments.” - IDC
Whitepaper (May 2012)
Risks
• Lack of support from ISVs and OEMs for the
new applications and PC hardware
• Security and compliance issues running
unsupported software
• Need to purchase expensive custom support
• Office 2013 does not work with Windows XP
Accelerate
• Springboard Series on TechNet
Windows 7 for the Enterprise
Make Users
Productive Anywhere
Enhance Security
& Control
Streamline PC
Management
• At their desk
• In a branch
• On the road
• Protect data & PCs
• Built on secure
foundation
• Easy migration
• Keep PCs running
• Virtualization
Fast, Responsive, Reliable
Windows 8 in the Enterprise
Devices & Experiences People Love
No
Compromise
Business Tablet
New
Possibilities in
Mobile
Productivity
Enterprise-Grade Solutions
Enhanced Endto-End
Security
Management
and
Virtualization
Top Three Reasons to Retire Windows XP and
move to a Modern OS today!
1
Get Value today. Get
Modern.
Window
s7
“Windows 7 has
gotten positive reviews, and
many Gartner clients are now
in the midst of their
production deployments.” Gartner
2
Eliminate Risks of
Windows XP End of
Support
3
Deployment is
easier than you
think
Window
s8
Organizations that continue to
retain a Windows XP environment not only are
leaving themselves exposed to security risks
and support challenges but also are wasting
budget dollars that would be better used in
modernizing their IT investments.” - IDC
Whitepaper (May 2012)
Risks
• Lack of support from ISVs and OEMs for the
new applications and PC hardware
• Security and compliance issues running
unsupported software
• Need to purchase expensive custom support
• Office 2013 does not work with Windows XP
Accelerate
• Springboard Series on TechNet
How security & threats evolved
Key Threats
• Internet was just
growing
• Mail was on the verge
1995
Windows 95
• -
Key Threats
• Melissa (1999), Love
Letter (2000)
• Mainly leveraging
social engineering
2001
Windows XP
• Logon (Ctrl+Alt+Del)
• Access Control
• User Profiles
• Security Policy
• Encrypting File System
(File Based)
• Smartcard and PKI
Support
• Windows Update
Key Threats
• Code Red and Nimda
(2001), Blaster (2003),
Slammer (2003)
• 9/11
• Mainly exploiting
buffer overflows
• Script kiddies
• Time from patch to
exploit: Several days to
weeks
Key Threats
• Zotob (2005)
• Attacks «moving up
the stack» (Summer of
Office 0-day)
• Rootkits
• Exploitation of Buffer
Overflows
• Script Kiddies
• Raise of Phishing
• User running as Admin
2004
2007
Windows XP SP2
• Address Space Layout
Randomization (ASLR)
• Data Execution Prevention
(DEP)
• Security Development
Lifecycle (SDL)
• Auto Update on by
Default
• Firewall on by Default
• Windows Security Center
• WPA Support
Windows Vista
• Bitlocker
• Patchguard
• Improved ASLR and DEP
• Full SDL
• User Account Control
• Internet Explorer Smart
Screen Filter
• Digital Right Management
• Firewall improvements
• Signed Device Driver
Requirements
• TPM Support
• Windows Integrity Levels
• Secure “by default”
configuration (Windows
features and IE)
Key Threats
•
•
•
•
•
Organized Crime
Botnets
Identity Theft
Conficker (2008)
Time from patch to
exploit: days
2009
Windows 7
• Improved ASLR and DEP
• Full SDL
• Improved IPSec stack
• Managed Service
Accounts
• Improved User Account
Control
• Enhanced Auditing
• Internet Explorer Smart
Screen Filter
• AppLocker
• BitLocker to Go
• Windows Biometric
Service
• Windows Action Center
• Windows Defender
Key Threats
• Organized Crime,
potential state actors
• Sophisticated Targeted
Attacks
• Operation Aurora
(2009)
• Stuxnet (2010)
2012
Windows 8
• UEFI (Secure Boot)
• Firmware Based TPM
• Trusted Boot (w/ELAM)
• Measured Boot and
Remote Attestation
Support
• Significant Improvements
to ASLR and DEP
• AppContainer
• Windows Store
• Internet Explorer 10
(Plugin-less and Enhanced
Protected Modes)
• Application Reputation
moved into Core OS
• BitLocker: Encrypted Hard
Drive and Used Disk
Space Only Encryption
Support
• Virtual Smartcard
• Picture Password, PIN
• Dynamic Access Control
• Built-in Anti-Virus
Windows XP End of Support – April 2014
Impact:
• Security Updates and patches to discontinue.
• No more product fixes and service packs
• No. of patches released in last 2 years below
Operating System
No. of Patches
Windows XP Professional with SP2
Windows XP Professional with SP3
3
154
Total
157
Continue to be on Windows XP will exposed organizations to
security risks and in unsupported environment
*Source: MS Security Bulletin 2011-2012
Patches released in last 2 Years
Severity
Types of Patches
120
119
100
80
104
40
Total
47
20
3
0
Moderate
Total
Important
MICROSOFT WINDOWS XP SERVICE
PACK 3
60
Critical
REMOTE CODE
EXECUTION
7
INFORMATION
DISCLOSURE
26
ELEVATION OF
PRIVILEGE
2
DENIAL OF SERVICE
120
100
80
60
40
20
0
Microsoft Windows XP
Service Pack 3
End of Support will leave you unprotected from future security threats like
RCE or DOS
*Source: MS Security Bulletin 2011-2012
Top Three Reasons to Retire Windows XP
and move to a Modern OS today!
1
Get Value today. Get
Modern.
Window
s7
“Windows 7 has
gotten positive reviews, and
many Gartner clients are now
in the midst of their
production deployments.” Gartner
2
Eliminate Risks of
Windows XP End of
Support
3
Deployment is easier
than you think
Window
s8
Organizations that continue to
retain a Windows XP environment not only are
leaving themselves exposed to security risks
and support challenges but also are wasting
budget dollars that would be better used in
modernizing their IT investments.” - IDC
Whitepaper (May 2012)
Risks
• Lack of support from ISVs and OEMs for the
new applications and PC hardware
• Security and compliance issues running
unsupported software
• Need to purchase expensive custom support
• Office 2013 does not work with Windows XP
Accelerate
• Springboard Series on TechNet
Ready To Deploy
Learn Microsoft’s Free Deployment Tools
Microsoft
Deployment
Toolkit (MDT)
Windows
Deployment
Server (WDS)
Application
Compatibility
Toolkit (ACT)
Microsoft
Assessment
and Planning
Toolkit (MAP)
Still on Windows XP?
Start your migration from Windows XP now!
Plan to adopt Windows 7 and Windows 8 side by side
Meet
Windows 8
Meet the Start screen.
A personalized
bulletin board,
bringing the
things that
matter to the
screen of your
device.
• Windows Store
• People
• Internet
Explorer 10
• SkyDrive
• Mail
• Calendar
• Photos
• Messaging
• Desktop
Maps
Sports
Travel
Bing
Camera
Finance
News
Video
Weather
Xbox 360
Games
• Music
•
•
•
•
•
•
•
•
•
•
Windows 8 for Enterprise
Devices & Experiences People Love
Enterprise-Grade Solutions Businesses Need
Fast and
Fluid
Enhanced
End-to-End
Security
New
Possibilities in
Mobile
Productivity
Easy
Management
Legacy vs. Modern Boot
Legacy
Boot
BIOS
OS Loader
(Malware)
OS Start
• BIOS Starts any OS Loader, even malware
• Malware may starts before Windows
Modern
Boot
UEFI
Trusted
Loader
Only
OS Start
• The firmware enforces policy, only starts signed OS loaders
• OS loader enforces signature verification of Windows
components. If fails Trusted Boot triggers remediation.
• Result - Malware unable to change boot and OS
components
BitLocker and BitLocker to Go
BitLocker
• Prevents unauthorized access to data on lost or stolen PCs
• Supports full volume encryption of OS and Data volumes
• Offers variety of pre-boot authentication options:
• TPM-only, PIN/Password, Network Unlock, USB storage
• Supports PCs, Servers, and “Slate” form factors
BitLocker to Go
• Used to protect data on removable drives
• Able to deny or grant write access to volumes by
organization
• Enables read-only access on Windows Vista & Windows XP
Secure: Protects Corporate Data


New Password Key Protector
Pre-OS password to unlock
Windows To Go

Protects Windows boot process
and anti-malware software
New Use Cases with Windows To Go
Contractors
Bring Your
Own Device
(at work)
Travel Light /
Work from
Home
Shared PCs
Windows Defender – Inbuilt Anti-malware
• Protecting the system from known and unknown
threats
• Windows Defender, a Ground breaking
comprehensive Virus Solution
• Protects against full range of malware, not just
adware and spyware
• Real-time (active) protection
• High performance
• Optimized for the user experience
• Automatic Updates
AppLocker- Preventing Unwanted Software
Deny
•
•
•
Allow list of approved applications
•
•
Exception
•
*
Work Anywhere - DirectAccess
Productivity on the road
Exchange
SharePoint
Data
servers
Lync
FIREWALL
SkyDrive
DirectAccess
WINDOWS 8
ADVANCEMENTS
• Access through local server
when travelling
• More scalable
Mobile Broadband
• Ease of deployment
• Deployment Wizard
• Part of RAS Server Role
• Utilize existing infrastructure
• Support for one-time password
• Mobile broadband
enhancements
*Internet access required
BENEFITS
Persistent internet
connection
Easy and secure
access to corporate
data behind firewall
Seamless personal
data access
One device for life
and work when
travelling
Improved network and data
delivery performance
•
File division performed only one time and may
be done offline
•
Smaller file division reduces duplicates and
increases bandwidth savings
•
Pre-load or distribute content to branch offices
ensuring immediate availability and reducing
network usage during peak times
•
Reduced print file data traversing the network
and decreased print response times
Thank You!
© 2012 Microsoft Corporation. All rights
reserved.
MS Windows Migration…
A Dell Perspective
Sanjiv Bhor
Practice Lead, End User
Computing
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows
Migration
Journey
31
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows Adoption Workshop
Path to Migration Overview
Windows Readiness Assessment
Migration
Planning
Application
Readiness &
Remediation
Infrastructure
Design and
Build
End User
Migration &
Training
32
Confidential
• Complete a client and application Inventory
• Make informed Architectural Decisions
• Identify resource requirements and time lines
Application Rationalisation, Compatibility Reporting and
Remediation
• Identify which applications are required
• Test to ensure compatibility with Windows 7
• Package or virtualize for automated distribution
Client Management, Patch Management, AD, VDI
• Design and build the Windows Standard Build
• Define Security Policies and Settings
• Implement an Automated Deployment Solution
• Update Infrastructure (where required)
Windows & application, Automated Deployment
• Schedule End User Migration
• Define deployment and communication plans
• Provide user training and next day support
Solutions Road Show 2013
10 – 13 December 2013 | India
Migration Path
Readiness
Assessment
Application
Readiness
Windows
Configuration
Deployment
Management
Project
Management
33
Confidential
Inventory collection & rationalizations, using agent less Asset
Management tools (e.g. Dell KACE / Quest Asset Management Tool)
to collect and identify applications as well as hardware details
Compatilibty testing, remediation and packaging. Provide a RAG
(Red, Amber, Green) status for each required application as well as
recommended remediation strategy.
Deliver a stable and secure Windows platform tightly integrated
with the customer’s client management solution. The platform Can be
integrated with a variety of management platforms (SCCM, Dell
KACE or MDT)
Provide a flexible model for deployment, kitting and logistics, asset
recovery and support throughout the deployment
Dell combines our own expertise, industry best practice, and tools to
automate processes, centralize management, and reduce
deployment costs
Solutions Road Show 2013
10 – 13 December 2013 | India
Migration Path Contd.,
End User
Training
34
Confidential
Ensure that end users are familiar with the new interface, features
and software applications (e.g. Office 2010/2013). Dell End User
Education services provide price competitive online training for
Windows 7 as well as Office 2010/2013.
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows Readiness Assessment
1.
Dell KACE or Quest Asset Manager
will find and catalog every
executable on every system &
collect key hardware data points
2.
Identify & report on more than 100
executables (including suites)
3.
Consolidate application inventory,
usage, and license data is clearly
organized by title, publisher, and
category
4
35
Software Title
Acrobat 8.x Standard
Illustrator 12.x CS2
Photoshop 9.x CS2
Diskeeper 10.x Professional
Installed
8
22
24
528
Purchased
0
5
25
400
Used
5
10
8
367
Hardware Inventory, identifying
Windows 7 capable and
non-capable devices
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Software Rationalization
Software Title
Acrobat 8.x Standard
Illustrator 12.x CS2
Photoshop 9.x CS2
Diskeeper 10.x Professional
Installed
8
22
24
528
Purchased
0
5
25
400
Used
5
10
8
367
257
348
Unused / Under Utilised
Non-Business
Duplicate Version
Duplicate Functionality
Required
38
164
69
Master
Inventory List
36
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows Adoption Workshop
Application Readiness - Compatilibty Testing
GREEN – Application is
& Remediation
compatible with Windows 7
**
37
Confidential
AMBER – Application
requires some level of
remediation or packaging
RED – Application is
incompatible. Use client
hosted virtualisation or
retire/replace application
Solutions Road Show 2013
10 – 13 December 2013 | India
Infrastructure Readiness
Process Definition
Build Engineering
Infrastructure
Adjustment
UAT & Pilot
Testing
Training
Outcome
• Process realignment for Operating System build and application delivery.
• Build Engineering of the OS Image, user data migration and deployment tools
• Infrastructure adjustment of deployment tools and supporting services.
• UAT & Pilot testing of the build, business & non business applications (performed by
SMEs & Application Owners)
• Training help desk, deployment & support teams ready for mass deployment
38
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows Migration
End User Training
Microsoft Windows 7 & 8 Essential & Office 2010 & 2013 (What’s New) with Live Tutor
Microsoft Office 2010 & 2013 (What’s New) with Live Tutor
Microsoft Windows 7 & 8 Essential with Live Tutor
Help start taking advantage of the powerful features of Windows 7 & 8 and Office 2010 & 2013 now!!
• Good for customers who are new to Windows/Office and those upgrading from earlier versions
• Unlimited access for 1 person for a full year of online training plus Live Tutor Online Chat
• Live Tutor Online Chat provides quick answers to your Windows 7 & 8 and Office 2010 & 2013 questions at real-time
What Can Customers Get?
One year access to both the online training and the Live Tutor online chat, which is selfpaced and interactive. It includes online labs that lets you practice what you have learnt.
24/7 Live Tutor right at your finger tips! Users have access to
live experts via online chat. The experts can escalate to live phone
support for users who require additional assistance. They can also
use screen share for live demonstrations and provide step-by-step
instructions.
Who Should Take This Training?
• Users with questions on how to use Microsoft Windows 7 & 8 or Office 2010 & 2013
• Users who needs to learn features of Microsoft Windows 7 & 8 or Office 2010 & 2013 quickly
39
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Unique and Proven Methodology for Windows Migration
HW and SW Discovery
Define Image & GPOs Build & Test Image
Test Plans and Labs
App Rationalization
Application Testing
Application Remediation
Implement Flex Solutions
Configure Automated Deployment
Pilot
Pilot
Rollout Scheduling and
Site/User Readiness
Discovery, Assessment
and Planning
Test and Remediation
Applications
In Dell’s real-world
testing, over half of
packages that work on
XP need to be addressed
Catalog every
executable on each PC
Dell Titling
Engine
App
Sentencing
Reports
Managed
Application
40 Library
Confidential
Automatically identify &
filter more than 93
million executables.
• Title
• Publisher
• Version
• Functional category
Apply business rules to
drive retain/retire
recommendations
• Standardize versions
• Duplicate functionality
• Business use
• License costs
• Vendor roadmaps
Results in reduce library
for Window 7 testing
Automate the
Design the Process
Deployment
Client Deployment
Assessment rates
practices in terms of
cost and best
practice.
Designs a highly
efficient PC or OS
deployment process
Rationalized
App Library
Network Bandwidth
User State
Over-reliance on the network 5-20 GB
can cause problems in
branch offices, global
Apps
locations and remote sites.
Compatible
with Win 7
Fix in
Packaging
Incompatible
Core
Remediation
& Packaging
Virtualize or
Replace
1-2 GB
User Apps
Dept Apps
Leverage factory, portable
drives and content streamed Image
over throttled network
3-4 GB
connections
Core Apps
OS
Drivers
Automate
Task Sequencer
Install
Windows 7 Compatible
Application Library
User Settings
User Data
Name
Config
Install Migrate
Image
PC
OS
Apps
Data
Solutions
Road
Show
2013
10 – 13 December 2013 | India
Report
…
Why Dell?
41
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
Windows Migration
Dell’s Experience
– Dell was number 1 in Win 7 seats deployed in 2011 & 2012
– Microsoft Win 7 Partner of the Year for 2011 & 2012
– Dell manages the deployment of over 4 million deployments a
year (globally)
– Dell Application Packaging & Virtualization factory recommended
for all Microsoft MCS engagements
– All PM are PMP & ITIL Certified
– Strong Project Methodology (Dell Project Management
Framework) that is based on PMI, Dell is Gold Partner of PMI
(Worldwide)
42
Confidential
Solutions Road Show 2013
10 – 13 December 2013 | India
What did you learn from this session
today?
Tweet your responses using the hashtag #dellst13
Thank You
Solutions Road Show 2013
10 – 13 September 2013 | India