microsoft australia security summit design for operations nigel watson, microsoft australia david...
TRANSCRIPT
Microsoft Australia Security Summit
Design for OperationsDesign for Operations
Nigel Watson, Microsoft AustraliaDavid Lemphers, TeamForce
Nigel Watson, Microsoft AustraliaDavid Lemphers, TeamForce
Microsoft Australia Security Summit
AgendaAgenda
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Microsoft Australia Security Summit
Team Architect Problem SpaceTeam Architect Problem Space
Increased Complexity
Communication problemsSolution Architects, Devs, and Ops
Rolling security into the product
The business wears the costs…
We have the meta-data!But traditionally haven’t used it
Need to find new ways to model systems
Microsoft’s response
Increased Complexity
Communication problemsSolution Architects, Devs, and Ops
Rolling security into the product
The business wears the costs…
We have the meta-data!But traditionally haven’t used it
Need to find new ways to model systems
Microsoft’s response
Microsoft Australia Security SummitSource: David M. Anderson, Design for Manufacturability: Optimizing Cost, Quality, and Time-to-Market, Second Edition (2001), CIM Press 805-924-0200Source: David M. Anderson, Design for Manufacturability: Optimizing Cost, Quality, and Time-to-Market, Second Edition (2001), CIM Press 805-924-0200
Lessons from Car ManufacturingLessons from Car Manufacturing
Microsoft Australia Security Summit
AgendaAgenda
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Microsoft Australia Security Summit
System Definition ModelLayersSystem Definition ModelLayers
ApplicationsApplications
ApplicationApplicationHostingHosting
Logical Machines & Logical Machines & Network TopologyNetwork Topology
HardwareHardware
SystemSystemDefinitionDefinition
ModelModel
Microsoft Australia Security Summit
Team ArchitectTeam Architect
Microsoft’s approach is model-driven
Aim is to increase the level of abstraction!
But… relies on DSL’s, not generalisationsNeed ways to precisely model systems
UML techniques don’t necessarily provide this
Our approach:UML for documentation
DSL’s for modeling in a way that promotes automation
DSL’s for keeping things synchronised
SDM is the schema underlying this effort
Microsoft’s approach is model-driven
Aim is to increase the level of abstraction!
But… relies on DSL’s, not generalisationsNeed ways to precisely model systems
UML techniques don’t necessarily provide this
Our approach:UML for documentation
DSL’s for modeling in a way that promotes automation
DSL’s for keeping things synchronised
SDM is the schema underlying this effort
Microsoft Australia Security Summit
AgendaAgenda
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Microsoft Australia Security Summit
Application Connection DesignerApplication Connection Designer
Microsoft Australia Security Summit
Application Connection Designer
Microsoft Australia Security Summit
ASMX .Net Remoting
Ent. SvcsMSMQ
ASMX .Net Remoting
Ent. SvcsMSMQ
ASMX .Net Remoting
Ent. SvcsMSMQ
ASMX .Net Remoting
Ent. SvcsMSMQ
ASMX .Net Remoting
Ent. SvcsMSMQ
ASMX .Net Remoting
Ent. SvcsMSMQ
Visual Studio Team ArchitectSystem DesignVisual Studio Team ArchitectSystem Design
ASMX+WSE
ApplicationsApplications
Modeling support Modeling support for all application for all application
typestypes
Full design support Full design support for web servicesfor web services
Microsoft Australia Security Summit
AgendaAgenda
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Microsoft Australia Security Summit
Network diagrams are not aimed at developers!
Network TopologyNetwork Topology
Microsoft Australia Security Summit
DefinitionsDefinitions
A Logical Server describes the application hosting characteristics of one or more physical servers
A Logical Datacenter describes a configured set of logical servers
A Zone is a boundary - either physical or security
A Deployment Definition describes the deployment of a system to a logical datacenter
A Logical Server describes the application hosting characteristics of one or more physical servers
A Logical Datacenter describes a configured set of logical servers
A Zone is a boundary - either physical or security
A Deployment Definition describes the deployment of a system to a logical datacenter
Microsoft Australia Security Summit
Logical Data-Center DesignerLogical Data-Center Designer
ApplicationApplicationHostingHostingLayerLayer
Microsoft Australia Security Summit
Logical Datacenter Designer
Microsoft Australia Security Summit
AgendaAgenda
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Problem Space
System Definition Model
Application Connection Designer
Logical DataCenter Designer
Settings and Constraints
Deployment Designer
Microsoft Australia Security Summit
Settings and ConstraintsSettings and Constraints
SettingsApplication requirements - requirements
Host Environment - reality
Constraints – allow you to define ‘rules’Implicit (i.e. script maps)
Canned (common settings – i.e. auth required etc)
User Defined (i.e. allowable conn strs)
Two-way dialog Common mechanism for architects/infrastructure staff to communicate and validate
SettingsApplication requirements - requirements
Host Environment - reality
Constraints – allow you to define ‘rules’Implicit (i.e. script maps)
Canned (common settings – i.e. auth required etc)
User Defined (i.e. allowable conn strs)
Two-way dialog Common mechanism for architects/infrastructure staff to communicate and validate
Microsoft Australia Security Summit
Deployment Designer
Microsoft Australia Security Summit
Visual Studio Team ArchitectDistributed System DesignersVisual Studio Team ArchitectDistributed System Designers
Application Connection Application Connection DesignerDesigner
ApplicationApplicationHostingHosting
ApplicationsApplications
Deployment DesignerDeployment Designer
System DesignerSystem Designer
SystemSystemDefinitionDefinition
ModelModel
Logical Logical Datacenter Datacenter DesignerDesigner
Microsoft Australia Security Summit
SDM in WindowsSDM in Windows
Adapters
Management Interfaces
Tools
SDMInfrastructure
SDM Service
Management Tools
Framework
Modeling Tools
Framework
SDM Compiler &Design-time Tools
Model DrivenDesign Tools
Model DrivenManagement Tools
Design Deploy Operate
Models
Microsoft Australia Security Summit
SummarySummary
Reviewed the problems of poor team communication
Reviewed the System Definition Model
Designed distributed systems
Understood design time systems validation
Reviewed tight code & model synchronization
Learned about customising the designers
Reviewed the problems of poor team communication
Reviewed the System Definition Model
Designed distributed systems
Understood design time systems validation
Reviewed tight code & model synchronization
Learned about customising the designers
Microsoft Australia Security Summit
© 2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.