3. Evaluating the Infrastructure
The Microsoft deployment tools are not mutually
exclusive. You can combine them in a variety of ways, depending on the nature of your
deployment project. In many cases, the infrastructure in which you are working can
dictate how you use MDT 2010 and the other tools.
You have already seen how the MDT deployment scenarios you use depend on whether
you are deploying to new or existing workstations. Other elements of your existing
infrastructure can affect how you deploy workstations in other ways.
3.1. Using Windows Deployment Services
Windows Deployment Services provides the most convenient means of deploying MDT
2010 boot images to reference computers and target computers over the network.
Without WDS, you must create boot media to start your workstations, in the form of
CD-ROMs or DVD-ROMs or USB flash drives. In a large deployment project, this can
be extremely inconvenient. However, to use WDS, there are several infrastructure
requirements, as follows:
Windows Server
WDS is a role included in Windows Server 2008 R2 and Windows Server
2008. You must therefore have a server on your network running one of
these operating systems, on which you have installed the Windows
Deployment Services role.
PXE compliance
The workstations to which you will deploy boot images using WDS
must have network interface adapters that
are compliant with the PXE standard. There is no need for WDS discover
images in an MDT 2010 deployment because if you are going to create boot
disks, you can just use the boot images that MDT creates.
Network connectivity
To deploy large image files over the network, workstations must have a
persistent, high-speed connection to the server running WDS. Wireless
connections are not sufficient for this purpose, nor are connections that
span relatively slow wide area network (WAN) links.
Note:
DEPLOYMENTS AND NETWORK SPEED
For a large-scale Windows 7 deployment, the workstations and the computers
hosting the deployment shares, including the build computer and the server
running WDS, should all be connected to a wired network running at a minimum
speed of 100 megabits per second (Mb/sec). The computers can be on different
subnets, as long as the subnets are not connected by a slow link. If you have
wireless computers to deploy, such as laptops assigned to traveling users, your
choices are either to use a removable boot device or to connect the computer to
the wired network for the duration of the deployment process. For computers at
remote locations, you can temporarily move the workstations to the location of
the server, or move the server to the workstations.
3.2. Using Lite-Touch vs. Zero-Touch Deployments
MDT 2010 supports two different types of deployments: Lite-Touch
Installation (LTI) and Zero-Touch Installation (ZTI). Most of the product
documentation is based on the administrator having chosen one of these two
options.
Selecting the LTI or ZTI deployment type is usually not a difficult decision.
From an infrastructure perspective, the primary difference between the two is that
a ZTI deployment requires Microsoft System Center Configuration Manager (SCCM)
2007 and an LTI deployment does not. In most cases, if you already have SCCM 2007
installed on your network, a ZTI deployment is preferable; if you do not have
SCCM, you are better off using an LTI deployment.
Other differences between the two deployment types are as follows:
User interaction
The primary advantage of a ZTI deployment is that it requires no
interaction at the workstation while the operating system installation is
occurring. This streamlines the deployment process and reduces the
incidence of configuration errors. LTI deployments, at the very least,
require someone to initiate the installation at the workstation site and
can require additional interaction as the installation proceeds. This
means that the on-site technicians require more training and
administrative credentials, and human interaction introduces a potential
source of configuration errors.
Flexibility
Most of the alternative deployment strategies discussed throughout
this article are limited to LTI deployments. ZTI is a more structured
deployment method, with fewer options.
Complexity
ZTI deployments typically require more time and effort to configure
than LTI deployments, mainly because a ZTI deployment performs more tasks
on the workstations being deployed.
Connectivity
ZTI supports only network-based deployments; you cannot use removable
media. Therefore, all of the workstations you deploy using ZTI must have
a persistent, high-speed connection to the MDT build computer and all of
the servers involved, including the SCCM, SQL, and WDS servers. In an LTI
deployment, the workstations do not even have to be networked, although
it is preferable that they are.
Security
Because no interaction is required at the workstation during a ZTI
deployment, it is not necessary to provide users or site technicians with
administrative credentials, as it is with LTI. However, to use ZTI, you
must configure the network security and firewall policies to allow
automatic software installation and permit Remote Procedure Call (RPC)
traffic between the workstations and the deployment servers. By contrast,
you can perform an LTI deployment to workstations that prohibit automatic
software installation and are secured behind a firewall.
Upgrades
Unlike LTI, ZTI does not support the upgrade computer deployment
scenario.
Note:
IMPLEMENTING SYSTEM CENTER CONFIGURATION MANAGER 2007
SCCM 2007 is a comprehensive network management application that can
provide a wide array of administrative
services, including software distribution. As a general rule, however, it is
not worthwhile to implement SCCM on a network solely to perform workstation
deployments. There are several reasons why this is so, including the
following:
Prerequisites
SCCM 2007 requires a Microsoft SQL Server database to function, and
you cannot use the free SQL Server Express Edition for this purpose.
This adds considerably to the complexity of the installation and the
cost of implementing the product.
Installation
Installing SCCM is not simply a matter of inserting a DVD into a
drive and running a setup program. There are many optional components
and a significant amount of prior planning is required.
Client agents
SCCM requires an agent program on each computer that it manages,
which adds to the complexity of the installation as well as the
cost.
Price
Unlike MDT 2010 and the other deployment products, SCCM 2007 is not
free. You must purchase the product itself and the SQL Server product
it requires to function. In addition, you must purchase a license for
each client computer you intend to manage. As a result, the cost of
implementing SCCM on a large enterprise network can be
considerable.
If you are considering an SCCM implementation on your network, it should be
for reasons in addition to performing ZTI workstation deployments.
4. Scaling the Client Deployment Process
One of the most critical factors in selecting a Windows 7 deployment method is how
many workstations you have to deploy and the conditions under which you will be
deploying them.
In an ideal situation, you are deploying new computers on a new network with an
unlimited amount of time to complete the project. In the real world, however,
administrators rarely have all of these advantages. In fact, they often have none of
them. Therefore, you must consider the questions in the following sections and how
they affect the selection of a deployment method.
4.1. How Many Workstations?
Obviously, the number of workstations you have to deploy is one of the basic
issues in the selection of a deployment method. As discussed earlier in this
lesson, small-scale deployments can sometimes proceed without any special
methodology at all, but after you get to the point at which you decide that some
automation is required, the size of the deployment process can still make a
difference.
The number of workstations you have to deploy can affect the overall project in two
fundamental ways. If you have several different workstation configurations to
deploy, you must consider modifications to your image creation process. However, if
the issue is how many workstations of each configuration you have to deploy, the
issues are different.
When you have 500 workstations of a specific configuration to deploy, as
opposed to 50, the process of installing the reference computer and capturing an
image need not change, but the process of deploying the image to the target
computers might. Depending on the deployment method you choose, this part of the
process can require more network bandwidth, to transfer the image files to the
workstations; more personnel, to set up the workstations and possibly initiate the
installation on each one; and more time, to complete the entire deployment
process.
The more workstations you have to install, the more compelling the argument for
additional automation becomes. For example, at some point in an enterprise
environment, the manpower required to perform an LTI deployment on a large number
of workstations offsets the cost of implementing SCCM 2007 and performing a ZTI
deployment instead. It might not be worth the effort and the expense to install
SCCM for 50 workstations, but for 500, it might be a viable option, particularly
when you consider the ongoing benefits of a network management system. However, if
you will be shipping those 500 workstations to branch offices at remote locations,
where centralized network management is not practical or desirable, then LTI might
still be the better choice.
4.2. How Much Bandwidth?
If you are deploying your Windows 7 workstations over the network, you must
consider the amount of bandwidth it will take to transmit image files to each
computer. Image files can be several gigabytes in size, and deploying dozens or
hundreds of computers at once can easily flood a network, slowing the entire
process down to a crawl. This can be particularly problematic if you are deploying
workstations on a network that other people are using for their everyday work at
the same time. When performing a deployment on a working network, you must
consider not only the amount of bandwidth the infrastructure is capable of
delivering, but also the amount of bandwidth available above the requirements of
the working users.
There are several ways you can address competing claims on bandwidth during a
workstation deployment, including the following:
Stagger deployments
If you must deploy your target computers while other users are
working, you can consider installing a few at a time, to avoid flooding
the network with deployment traffic. This increases the amount of time
needed to complete the project, but in an LTI deployment, it has the
added benefit of reducing the manpower needed to perform the
installations.
Schedule deployments for off hours
For a network that is not in production around the clock, performing
deployments at night or at other times when the network is not in use
minimizes their effect on bandwidth utilization. However, this can
increase manpower costs significantly because of overtime rates.
Use a dedicated deployment network
Temporarily connecting the target computers to a separate network used only for
deployment eliminates the impact on the production network. This solution
is particularly viable if you are using the new computer or replace
computer scenario because you can set up, deploy, and test the
workstations on an IT network prior to delivering them to the end users.
For the upgrade computer and refresh computer scenarios, however, this
can be impractical if it requires large numbers of computers to be moved
long distances.
Use multicasting
Deploying image files by using WDS multicasts can minimize the amount
of bandwidth consumed, as long as the entire infrastructure supports
multicast transmissions, including any routers located between the target
computers and the deployment servers.
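
The effect of staggering and multicasting on a shared link can be estimated with a small planning model. The following Python sketch is an added example, not part of the original text; the image size, per-client transfer rate, and user-traffic figures are assumed values, and only the 100 Mb/sec link speed comes from the note in section 3.1.

```python
import math
from dataclasses import dataclass

@dataclass
class Plan:
    batch_size: int           # workstations imaged concurrently
    batches: int              # number of staggered rounds
    minutes_per_batch: float
    total_hours: float
    peak_mbps: float          # deployment traffic on the link at any moment

def plan_deployment(workstations, image_gb, client_mbps,
                    link_mbps=100.0, user_mbps=0.0, multicast=False):
    """Size staggered batches so deployment traffic fits in the bandwidth
    left over after working users' traffic (user_mbps, an assumed figure).
    Simplified model: ignores protocol overhead and server disk limits."""
    if workstations < 1 or image_gb <= 0 or client_mbps <= 0:
        raise ValueError("workstations, image_gb and client_mbps must be positive")
    headroom = link_mbps - user_mbps
    if headroom < client_mbps:
        raise ValueError("no headroom for even one image stream")
    if multicast:
        # One stream serves every listener, so all targets share a batch.
        batch_size, peak = workstations, client_mbps
    else:
        # Unicast: each target pulls its own copy of the image.
        batch_size = min(workstations, int(headroom // client_mbps))
        peak = batch_size * client_mbps
    batches = math.ceil(workstations / batch_size)
    seconds = image_gb * 8000 / client_mbps   # decimal GB -> megabits
    return Plan(batch_size, batches, seconds / 60,
                batches * seconds / 3600, peak)

if __name__ == "__main__":
    # Constructed scenario: 50 targets, 4 GB image, 20 Mb/sec per client,
    # 40 Mb/sec of everyday user traffic on a 100 Mb/sec link.
    for mode in (False, True):
        print("multicast" if mode else "unicast",
              plan_deployment(50, 4, 20, user_mbps=40, multicast=mode))
```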