This is the second part of a two part overview of Microsoft’s System Center 2012, the first party linked to each review of the components on 4sysops as well as how System Center 2012 is licensed, this second part looks at each individual component and the new Unified Installer.
  1. Conclusion

Configuration Manager lets you deploy software to employee’s devices and computers, inventory their hardware, push out OS / software updates as well as deploy OSs to bare metal computers. New in Configuration Manager 2012 is user centric management of devices and software with the concept of a user’s primary device(s), self-service software catalog, management of mobile devices, a vastly simplified infrastructure hierarchy, remediation of configuration drift through settings management and Role Based Access.

Virtual Machine Manager manages your fabric infrastructure for virtualization: hosts, clusters and networks from the bare metal to the ultimate abstraction in private clouds. The 2012 version has changed fundamentally from its predecessor in the overall scope by now managing the entire fabric, creating Hyper-V clusters from bare metal, managing resource and power optimization natively, interfacing with Hyper-V, VMWare ESX and Citrix Xen server hosts and orchestrating patching of clusters. There’s also a Service model that lets you deploy (and subsequently update) entire groups of related VMs for a distributed application, there’s Server App-V application virtualization deployment, built in High Availability for Virtual Machine Manager itself, storage control (iSCSI and FC SANs) and built in self-service with Role Based Access control.

Operations Manager keeps an eye on your servers (physical and virtual), OS (Windows and Unix / Linux), applications (All Microsoft, many, many third party and Java application servers) and your networks through Microsoft and third party Management Packs that contain knowledge about each component. New in 2012 is a simpler infrastructure with built in High Availability, much better and easier network monitoring, enhanced dashboards that can be published to SharePoint for wider audiences, Application Performance Monitoring (formerly known as Avicode), Java Enterprise Edition (JEE) monitoring and enhanced functionality and security for *nix monitoring.

Data Protection Manager is the best backup product for Microsoft’s workloads, following supported processes to backup from Disk to Disk, Disk to Tape, Disk to Disk to Tape as well as Disk to Disk to Cloud. New in 2012 is a centralized console (through Operations Manager) that can manage hundreds of Data Protection Manager servers (including DPM 2010), a new console UI, scoped consoles for troubleshooting, Role Based Access, improved Item Level Recovery (ILR) for recovering files from within VMs that have only been backed up through a host level backup, much faster SharePoint recoveries and certificate based communication for workgroup data sources.

Orchestrator (formerly known as Opalis) is a newcomer in the Service Center 2012 suite but it’s very important as it integrates and links the other components through automation. Via a Visio like interface Activities are linked together into Runbooks that can then automate IT processes on demand; Runbooks can be started from a web interface or from Service Manager or any other product that talks to the new Orchestrator Web Service. The true power of Orchestrator comes in the form of Integration Packs that allows it to “talk” to many other systems, including all the components in System Center 2012 as well as earlier System Center versions and many other third party systems, giving you a true automation engine to better provide IT as a service.

Service Manager is a help desk system for tracking incidents, change requests, service requests and configuration management in a central Configuration Management Database (CMDB). There’s also a Data Warehouse server that manages long term storage of data, not just from Service Manager but from all the System Center 2012 products, data is brought into Service Manager through connectors to AD, Virtual Machine Manager, Operations Manager and Configuration Manager for consolidated reporting, templates are used to build service offerings and self-service IT is enabled through a SharePoint integrated portal.

Endpoint Protection is Microsoft’s business anti-malware solution that’s integrated into Configuration Manager. This means that the distribution of the application is done through the normal model in Configuration Manager (either as part of new OS deployments or as a distributed program after OS installation) as well as all the signature updates. Reporting and policy management is also integrated which means that there’s no separate infrastructure to manage and no new user interfaces to learn. Endpoint Protection is a multi-engine solution and one engine can be active and scan files and traffic while other engines are being updated with new signatures.

App Controller is an end-user / application owner focused web portal that lets you see Virtual Machine Manager private clouds and services deployed in them as well as Windows Azure public cloud services and monitor, scale out and scale in these services.

Unified Installer lets you install the entire System Center 2012 product, all the components, and more importantly, all the prerequisites through one interface. This brings the total number of screens required to click through to install all the required software and all the components from over 400 to 16. This installation is designed for evaluation, learning, testing and proof of concepts, it’s not designed for production deployments (unless your environment is small) and only works with Windows Server 2008 R2 SP1 and SQL Server 2008 R2 as the underlying components. A full installation requires nine separate servers / VMs, each with 2 GB of memory so if you’re going to install this on one Hyper-V/ESX or XEN server host it’ll need 20+ GB of memory.

Subscribe to 4sysops newsletter!

Conclusion ^

System Center 2012 is a big release, filled with new features and technologies and even new products. It’s able to work more as a cohesive whole through Orchestrator runbooks integrating the different parts and holds the promise to transform today’s IT towards the automated; IT as a service private clouds and hybrid clouds that is the future. There’s no doubt that there will be a good many more consultants specializing in System Center 2012 implementations over the next few years and they’ll have their hands full. Learning the different parts of System Center 2012 and how they work together should definitely be on your list of things to do if you’re an IT Pro, not least because of the recently announced MCSE:Private Cloud certification.

  1. CypherBit 10 years ago

    So in order to implement in an environment SC 2012 9 servers are needed? Could you please eleborate on this and provide additional guidance if this can somehow be reduced.

  2. Paul Schnackenburg 10 years ago

    Hi CypherBit,
    A complete installation requires eight servers (One for CM and EP, one for VMM, one for DPM, one for Orchestrator, two for SM (one for the server, one for the DW) and one for App Controller). So Service Manager needs two but Endpoint Protection lives with Config Manager. You can however host App Controller on the VMM server for a lab setup and it is possible to host most of the different databases on one central server rather than on each box. In a lab you’ll also need a Domain Controller, for a total of nine (eight if you put VMM and App controller together).

    Hope that helps,

    Paul Schnackenburg

  3. CypherBit 10 years ago

    Thank you for your reply Paul. If possible I’d appreciate some further assistance (I’ll try to paint a whole picture).

    We’re a small shop 85 or so client machines/65 users, 5 physical hosts which includes:

    – a two node Hyper-V cluster on 2008 R2 Datacenter, running about 15 VMs combined.
    – a server used for faxes. I hate running this additional server, but the fax device is USB and I can’t present this in Hyper-V VM…hence an additional physical server.
    – a primary DPM 2010 server on 2008 R2 Enterprise with a VM for an additional DC (so the cluster can start) and a VM running monitoring software (
    – a secondary DPM 2010 server on 2008 R2 Enterprise (we planned additional VMs that’s why a Standard wasn’t bought) in a disaster recovery location, also a VM with an additional DC in case everything at the primary site goes down.

    We’re currently also using Forefront Client Security (FCS) for all servers, clients and Forefront for Exchange.

    Replacing FCS which will be EOL soon (I have another year contract) is paramount. Since I prefer MS producst and also since IPsec NAP with FCS is used I’d like to stick with FEP which requires SCCM.

    Having SCCM in our environment is quite a bit much (WSUS is used for patching, GPO’s for installs), but if there’s not a different option I could use it from time to time (if funding will permit).

    Of all the other pieces in SC 2012 I can see us using:
    – DPM, to upgrade our 3 Enterprise licenses to 2012,
    – VMM wouldn’t hurt at all, but is not a must.
    – perhaps SCOM could also be used, but since the enviroment is so small…

    I don’t see us using Service Manager, App Controller and Orchestrator. Can I just install the parts I need and in this case create another VM for SCCM/FEP, one for VMM and perhaps an additional one for SCOM. There isn’t a need to install everything is there? But as I understand the licensing I do need to buy it?

    Could someone also assist me in getting a rough estimate as to which licenses are needed for such an environment.

    Thank you in advance for any additional information.

  4. CypherBit 10 years ago

    I forgot to mention I could do without SCCM licenses for the clients/servers if that requires additional licenses. I only really need FEP (not sure if these two licenses are different).

    Also what are you opinions for implementing SC 2012 (with the parts I outlined) in an environment of this kind of size?

  5. Paul Schnackenburg 10 years ago

    Hi again Cypherbit,
    OK, whilst I’m no licensing expert I’ll try my best to answer. First of all, the current product that would fit your scenario is actually System Center Essentials 2010 (up to 300 clients) but since it’s now old tech and I’m not sure if MS will make a SC Essentials based on 2012 lets forget it.
    Yes, you buy SC 2012 as ONE product so you get all the parts and select which ones to install. Yes, you’d just setup VMs for the SC parts you choose. Keep in mind SQL, you can either have a local SQL for each SC VM or you can have a central SQL VM for all of them.
    You don’t mention how many physical CPUs your hosts has which will impact whether you’ll need SC Standard or Datacenter – have another read of the licensing part here I would add up all the VM servers you’ll want to monitor and manage with SCCM, DPM and VMM and your physical CPUs and contact a MS reseller in your country and get a specific quote for exactly what you need. As I understand it SCEP comes with SCCM but you do have to buy client licenses for desktops and servers.

    Hope this helps make it a bit clearer,

    Paul Schnackenburg

  6. CypherBit 10 years ago

    Thank you Paul, it’s a bit clearer. I also contacted a reseller and received some additional information.

    If I only need FEP in our environment it appears (as you said) I can just get a Standard licence install SCCM and buy the client licenses for desktops, servers.

    Right now I’m not sure how deployment works if I only have a FEP client license (no SCCM CAL).

Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account