System Center 2012 R2 Lab 2: Infrastructure Monitoring: Hands-On Lab - Step-by-Step Guide

System Center 2012 R2
Lab 2: Infrastructure
Monitoring
Hands-On Lab | Step-by-Step Guide
For the VMs use the following credentials:

 Username: Contoso\Administrator
 Password: Passw0rd!
Version: 1.5.5
Last updated: March 28, 2014
Please share any feedback with the IT Camps Planning Team:
[email protected]
Copyright © 2014 by Microsoft Corporation. All rights reserved.
2 - Infrastructure Monitoring
160 minutes optional (2:40 total)
1. SCOM, SCDPM & SCCM: Infrastructure Monitoring Components (35 mins)
2. SCOM & SCCM: Explore Infrastructure Monitoring (35 mins)
3. SCOM: Create a Dashboard (10 mins)
4. SCDPM: Backup the Infrastructure (20 mins)
5. SCDPM: Recover the Infrastructure (10 mins)
6. SCCM: Secure the Datacenter (50 mins)
2.1 - SCOM, SCDPM & SCCM: Infrastructure Monitoring
Components
2.1.1 - SCOM: Introduction to Operations Manager

In this exercise the user will learn about the different workspaces and functions of System Center
2012 R2 Operations Manager, including Monitoring, Authoring, Reporting, and Administration.
Estimated time to complete: 10 minutes
Perform the following on SCOM01
1. From SCOM01, open the Operations Manager Console by clicking the icon in the taskbar.
2. Navigate to the Monitoring workspace.

3. This workspace is used to see what is going in the monitoring environment and is the primary
workspace for operators. It contains views, diagrams, and dashboard views that compile and
present useful information that Operations Manager has gathered.
4. Click the Active Alerts view. This view shows all alerts that are active (not closed). In this view,
select an alert to view its details, such as the rule or monitor that generated the alert and the
managed object that has the problem. Double-click an alert to open its properties. Select an alert
and click Health Explorer in the Tasks pane to open Health Explorer in the context of this alert.
When appropriate, the user can close the alert from this view by clicking Close Alert in the Tasks
pane.
5. Click Discovered Inventory. This view shows all objects that have been discovered and their
states. Now click Change Target Type in the Tasks pane to filter the discovered inventory list to a
single type of object. The target type determines the type of information that will be displayed in
the details pane for a selected object. Click Cancel.
6. Click Task Status. This view shows the output from tasks that have been executed in the console.
The Task Status view shows when a task is completed, finished, and the user who executed this
specific task.
7. Click Windows Computers. This view shows the state of the following aspects of discovered
Windows computers: Overall state of the computer, state of the agent on the computer, if an
agent is installed, state of the management server role, if the computer is a management server,
state of the Windows operating system. To see information that is collected for a computer,
select the computer Name field for a specific computer. The properties in the tasks pane can be
clicked to display all of the information that is collected. To open other views for a computer,
right-click the computer, select Open, and click a view to open.
8. Expand Microsoft SQL Server and click Active Alerts to view the alerts specific to SQL Server.
9. Click the Authoring workspace.
10. This workspace is used to create new monitoring scenarios. Existing management packs can be
added or changed or new management packs can be created for applications that do not have
one.
11. Click Management Pack Templates. Management packs contain settings that enable agents to
monitor a specific service or application in System Center 2012 – Operations Manager. These
settings include discovery information that allows management servers to automatically detect
and begin monitoring objects, a knowledge base that contains error and troubleshooting
information, rules and monitors that generate alerts, and reports. Management packs might also
contain tasks, diagnostics, and recovery tools and guidance to help fix problems.
12. Click Groups. In System Center 2012 – Operations Manager groups can be used to scope views,
reports, overrides, and alert notifications. Groups are created in the Authoring workspace in the
Operations console.
13. Click the Reporting workspace.
14. Operations Manager provides extensive reporting capabilities, including multiple report libraries
that can be selected to customize reports for specific requirements. Reports perform a query
against the data warehouse database and return the results in an easy-to-read format.
15. Click SQL Server 2012 (Monitoring). This view is used to open and schedule reports for various
SQL Server tasks.
16. Click the Administration workspace.
17. The Administration workspace is the primary workspace for administrators. The workspace is
used to configure a management group and its managed objects. There are several different
options available on this workspace.
18. Expand Device Management. Device management is used to perform configuration of specific
management servers, agent-managed computers, agentless-managed computers, UNIX servers,
and Linux servers.
19. Click Agent Managed. Various tasks can be performed on agent-managed computer, these
include repairing or uninstalling an agent on a target computer.
20. Click Agentless Managed. An agentless managed machine is a Microsoft Windows-based system
in which an agent cannot be installed can be managed without an agent. Not all management
packs support agentless management, for example the Active Directory management pack and
the Microsoft Exchange Server 2003 management pack do not support agentless management.
21. Click Management Packs. This is a listing of all the management packs imported into the
management group. Right-clicking an individual management pack in the results gives additional
options such as viewing its properties, deleting the pack, or exporting any customizations to
another management group. Links in the tasks pane are used to create, import, and download
management packs.
22. Click Product Connectors. Product connectors are used to synchronize Operations Manager data
with other management systems such as those that monitor non-Windows computers or create
trouble-tickets. Product connectors can integrate a deployment of Operations Manager into
another management platform or connect other management systems into a full Operations
Manager management solution. Any product connectors that the user integrate with Operations
Manager will be displayed in this section of the Administration workspace.
23. Expand Security and click User Roles. In Operations Manager, operations such as resolving alerts,
running tasks, overriding monitors, viewing alerts, viewing events, and so on have been grouped
into user roles, with each user role representing a particular job function. Role-based security
allows administrators to limit privileges that users have for various aspects of Operations
Manager.
24. Expand System Center Advisor, click Advisor Connection. System Center Advisor is an online
service that analyzes installations of Microsoft SQL Server 2008 (and later versions), and Windows
Server 2008 and 2008 R2, and Lync Server 2010. Advisor collects data from the installations,
analyzes it, and generates Alerts that identify potential issues (such as missing security patches)
or deviations from identified best practices with regard to configuration and usage. Advisor also
provides both current and historical views of the configuration of servers in an environment.
25. Click the My Workspace workspace. This workspace provides an area that can be customized for
specific needs. Users can create folders to organize the workspace, add shortcuts to favorite
views, save useful searches, and create views.
2.1.2 - SCDPM: Introduction to Data Protection Manager
In this exercise the user will learn about the different workspaces and functions of System Center
2012 R2 Data Protection Manager, including Monitoring, Protection, Recovery, Reporting, and
Management.
Perform the following on SCDPM01
1. From SCDPM01, open the DPM Administrator Console by clicking the icon in the taskbar.
3. This workspace allows the user to monitor the status of data protection, data recovery, and other
DPM operations. There are two tabs in this workspace, Alerts and Jobs. Click All Alerts.
4. Alerts display errors, warnings, and informational messages. The user can group alerts by
protection group, computer, or severity, and the user can choose to display active alerts
exclusively or to display both active alerts and a history of inactive alerts. The user can also
subscribe to notifications to receive alerts via e-mail.
5. Click All jobs. All jobs displays the status of all the DPM jobs and their associated tasks. The user
can group jobs by protection group, computer, status, or type, and the user can filter jobs by time
period. The user can choose whether to include regularly scheduled synchronization operations in
the list of jobs.
6. Click the Protection workspace then click All Protection Groups.
7. The protection workspace allows the user to create, rename and manage members of protection
groups. As well as manage protection schedules, disk allocations, and other options. The user also
has the ability to run manual synchronization and consistency check jobs, manage recovery points
and review and respond to results of Auto Discovery.
8. Click the Recovery workspace expand Search Recovery Points then click Files and folders.
9. The recovery workspace is used to find and recover data from recovery points. It contains a
browse tab which allows the user to browse for available recovery points for each protected
computer in an environment as well as a search tab which allows for searching of available
recovery points based on data type, location, origin or recovery point date.
10. Click the Reporting workspace.
11. This workspace allows users to generate and view reports on DPM operations. The user can also
schedule automatic report generation and manage reporting services settings.
12. Click the Management workspace then click Agents.
13. Use this workspace to manage protection agents, storage pool disks, and tape libraries. The
Agents tab displays a list of protection agents deployed on computers and enables the user to
install, uninstall, and update the agents and agent licenses. The Disks tab displays a list of disks
included in the storage pool and enables the user to add and remove disks from the pool. The
Libraries tab displays the tape libraries installed on the DPM server and enables the user to
manage the tapes in the library.
2.1.3 - SCCM: Introduction to Configuration Manager

In this exercise the user will learn about the different workspaces and functions of System
Center 2012 R2 Configuration Manager and Endpoint Protection, including Assets and
Compliance, Software Library, Monitoring, and Administration.
Perform the following on SCCM01
1. From SCCM01, open the Configuration Manager Console by clicking the icon in the taskbar.
2. Navigate to the Assets and Compliance workspace.

3. Explore the nodes of the Assets and Compliance workspaces. The Assets and Compliance
workspace is used to manage the organization's assets (users, computers, and software) as well as
compliance configuration (settings management, previously known as desired configuration
management in Configuration Manager 2007), and configuring Endpoint Protection policies.
4. Click Users. Here all the users that have been discovered and may display "sticky nodes" for any
user collections that members were displayed during this console session. The users in this lab
have been imported through Active Directory Discovery.
5. Select a user, then click the triangle in the lower right corner to expand the details, then select
the Client Settings tab. This shows the policies which have been applied to this particular user or
user group.
6. Navigate to Devices. This area is used to view all devices that have been discovered and may
display any sticky nodes for any device collections whose members have been displayed during
this console session. The devices in this lab have been imported through Active Directory
Discovery. Select a device, then browse the various tabs under the details.
7. Go to User Collections. Here collections based on users and user groups can be managed. There
are three built-in user collections.
8. Click on Device Collections. This is used to manage collection based on system information. There
are four built-in device collections (and this lab environment has custom device collections).
9. Navigate to User State Migration. State Migration is used to manage the migration of user state
between computers, including defining computer associations.
10. Click on Asset Intelligence. This is used to manage software assets with the Asset Intelligence
feature, including a dashboard of Asset Intelligence statistics and status, inventoried software,
catalog customizations, and hardware requirements.
11. Click on Software Metering which is used to configure rules for monitoring the usage of software.
12. Click on Compliance Settings which is used to manage compliance using the compliance and
settings management feature.
13. Navigate to Endpoint Protection, and expand the node. Endpoint Protection is used to configure
and deploy antimalware and Windows firewall policies to collections of clients.
14. Click on Antimalware Policies. Antimalware policies can be deployed to collections of
Microsoft System Center 2012 Configuration Manager client computers to specify how
Endpoint Protection protects them from malware and other threats. These antimalware policies
include information about the scan schedule, the types of files and folders to scan, and the actions
to take when malware is detected. When you enable Endpoint Protection, a default antimalware
policy is applied to client computers. You can also use additional policy templates that are
supplied or create your own custom antimalware policies to meet the specific needs of your
environment.
15. Click Windows Firewall Policies. Firewall policies for Endpoint Protection in System Center 2012
Configuration Manager let you perform basic Windows Firewall configuration and maintenance
tasks on client computers in your hierarchy. You can use Windows Firewall policies to control
whether Windows Firewall is on or off, to control whether incoming connections are allows to
client computers and to control whether users are notified when Windows Firewall blocks a new
program.
16. Navigate to the Software Library workspace. The Software Library workspace Overview page
appears. Notice that the Software Library Overview page displays options similar to those of the
Assets and Compliance Overview page, including nodes in the navigation page in a "Navigation
Index" section. You will also notice that the Overview page includes a section for Recent Alerts.
These are alerts generated when application or software update deployments are below the
administrator configured threshold for success, as well as when synchronization of the software
update point site system fails.
17. Click on Application Management and expand the node. This area is used to manage software
deployments to users and clients, including applications and packages/programs, approving
application requests from users, managing global conditions, configuring App-V Virtual
Environments and deploying Windows Sideloading Keys for Windows 8 Apps. Also included here
are alerts for deployments that are below the configured threshold for success, as well as alerts
for any deployments that experience a failure rate of a designated percentage.
18. Select Applications to view applications that are available for client deployment to managed
clients.
19. Navigate to Software Updates and expand the node. Software Updates are used to manage
aspects of software update deployment to clients, including update metadata, software update
groups, software update deployment packages, and automatic deployment rules. Also included
here are alerts for deployments that are below the configured threshold for success as well as any
failed synchronization attempts (which you see in this lab environment).
20. Select All Software Updates and browse some updates and review the details pane.
21. Select Operating Systems and expand the node. All aspects of operating system deployment to
systems, including drivers, driver packages, operating system images, operating system installers,
boot images, Hyper-V virtual hard disks (VHDs), and task sequences can be managed here.
22. Select the Drivers node and review the drivers that are available for deployment.
23. Select the Operating System Images node and node the server and client OS that is available for
deployment.
24. Select the Task Sequences node. This shows a collection of tasks used to deploy an operating
system or a virtual hard disks.
25. Navigate to the Monitoring workspace and click on it. The Monitoring workspace Overview page
appears. Notice that the Monitoring Overview page displays options similar to those of the other
workspace's Overview pages, including nodes in the navigation page in a "Navigation Index"
section. You will also notice that the Overview page includes a section for Recent Alerts. An
example of an alert displayed here would be when the database replication between two sites in
a hierarchy has been determined to be down due to link issues (as you may see depending on if
images for both site servers are available and started). Other nodes in the console, including
other workspaces, can also display alerts.
26. Expand the Alerts folder. These alerts (Active Alerts and All Alerts) are used to manage alerts
generated in the environment. By associating them with a Subscription, they can be configured to
automatically email or notify an administrator.
27. Click on Queries. This area is used to manage queries, both built-in and custom.
28. Expand the Reporting folder, and select the Reports node. This is used to display results of built-
in or custom reports (using SQL Server Reporting Services) and configure report subscriptions.
29. Next click on Site Hierarchy. This is used to display a ‘map’ of the site hierarchy, including central
administration site, primary sites, and any secondary sites. This lab environment uses a single
site.
30. Expand the System Status folder. Browse through the options: Site Status, Component Status,
Conflicting Records, and Status Message Queries.
31. Click on Deployments. This is used to monitor all deployments of applications, packages and
programs, software updates, operating system images, and configuration baselines.
32. Click on Client Operations. This area is used to monitor all ‘real-time actions’ initiated from the
Configuration Manager Console to clients (System Center 2012 SP1 and later), such as computer
policy retrievals and Endpoint Protection actions.
33. Expand the Client Status folder. Both Client Activity and Client Check are used to monitor the
health and activity of Configuration Manager clients in the site and hierarchy.
34. Next, click Database Replication. This is used to monitor the status of the replication of
Configuration Manager data between sites using SQL-based database replication.
35. Expand the Distribution Status folder. Click on the node and note that these are used to monitor
content distribution status, distribution point group status, and distribution point health.
36. Click Software Update Point Synchronization Status. This is used to monitor the status of
software update catalog synchronizations.
37. Expand Endpoint Protection Status. These two dashboards provide a quick view into the 'health'
of the site's clients in terms of any malware activities.
38. Click System Center 2012 R2 Endpoint Protection. A dashboard containing the a summary of the
security state of the collection is displayed.
39. Click Malware Detected. Any malware detected by System Center Endpoint Protection will be
displayed here.
40. Navigate to the Administration workspace. The Administration workspace Overview page
appears. Notice that the Administration Overview page displays options similar to those of the
other workspace's Overview pages, including nodes in the navigation page in a "Navigation Index"
section.
41. On the Ribbon, click the drop-down arrow above "All Objects" . A new menu appears displaying
options for the Configuration Manager console. These options include connecting to a different
Configuration Manager site, connect via Windows PowerShell (to get access to the PowerShell
provider to run cmdlets against Configuration Manager), get information about the Configuration
Manager version, access product documentation (which is all web-based), configure integration
with the Customer Experience Improvement Program, and closing the console.
42. Close the drop down menu by clicking away from it.
43. From the navigation pane expand Site Configuration.
44. Click Sites. The sites in the hierarchy from the local site database (the local site and any child
sites) appear in the results pane. Notice that there is only one site displayed for this portion of
the hierarchy, and that is the local site.
45. In the navigation pane, click Servers and Site System Roles. The site systems and installed roles
for the site appear in the results pane. Here the primary site SCCM01.contoso.com is displayed.
46. In the results pane, select \\SCCM01.contoso.com and expand the details pane. This site system
roles installed for the select site are displayed.
47. In the navigation pane, select Client Settings. This displays user and device settings that can be
saved as templates and applied to an individual user or a group.
48. Select Default Client Settings, then click Properties from the upper ribbon.
49. Browse the different tabs of the Default Settings, then click Cancel.
50. Expand the Security Tab and select Security Roles. Browse the different types of user roles that
can interact with Configuration Manager.
51. In the navigation pane, click Distribution Points. Configuration Manager uses distribution points
to store files that are required for software to run on client computers. These distribution points
function as distribution centers for the content files and let users download and run the software.
Clients must have access to at least one distribution point from which they can download the files.
2.2 - SCOM & SCCM: Explore Infrastructure Monitoring
2.2.1 - SCOM & VMM: Monitor the Fabric

In this exercise many different components of the datacenter infrastructure will be monitored and
analyzed using Operations Manager. Operations Manager provides real-time monitoring through
alerts, as well as other helpful information about the performance, health and capacity of hardware,
networking components, hypervisors, virtual machines and applications.
Perform the following on SCVMM01
1. From SCVMM01, open the Virtual Machine Manager Console by clicking the icon in the taskbar.
If a prompt to Connect to Server appears, keep the default options and click Connect.
2. Navigate to the Settings workspace.
3. Select System Center Settings.

4. Select Operations Manager Server, then right-click and select Properties.
5. When the Operations Manager Settings appear, under Diagnostics select Refresh.
6. Click OK to close the Operations Manager Settings.
7. From SCOM01, open the Operations Manager Console by clicking the icon in the taskbar

9. Select Active Alerts
10. Review some of the recent Active Alerts.
11. Under Monitoring, select Windows Computers. Review some of the Active Alerts.
12. From the Monitoring pane, expand Microsoft System Center Virtual Machine Manager, expand
Agents and select Health State. This dashboard shows the state of the various Hyper-V hosts and
other infrastructure servers that VMM manages.
13. From the Monitoring workspace, expand Cloud Health Dashboard and select Cloud Health.
When the dashboard loads, select Contoso-Cloud and view the details. If it does not immediately
appear, click Refresh as it may take some time for the cloud to be automatically detected, and
continue to the next step.
14. From the Monitoring pane, expand Managed Resources. Select Host Cluster Health.
15. When the dashboard loads, select Cluster-Hyper-V and review the details.
16. Select Host Health. Select SCVMM01 and review the details. If no information is visible, refresh
the group. The information may differ from the screenshot below, depending on the state of the
lab.
17. Select Library Server Health and review the details.
18. Select Virtual Machine Manager Server Health and review the details.
19. From the Monitoring Pane, expand Performance. Select Host Performance. Under Legend, click
the column named Counter so it sorts by the counter column alphabetically.
20. In the Counter column, find Disk Read Bytes/Sec and ensure the object column is Logical Disk.
21. Click the check box for any host which displays a value for Disk Read Bytes/Sec . Note the chart
that is created.
22. From the Monitoring Pane, expand Microsoft System Center Virtual Machine Manager Views
and select Diagram View for SCVMM01.
23. When the diagram loads, click on the + by VMM Infrastructure to expand the node.
24. Expand Agent Watchers by clicking the +, note that SCVMM01 is managing these four servers.
Click the - next to Agent Watches to minimize the node.
25. Expand SCVMM01.contoso.com by click the +. The zoom can be adjusted on the toolbar if a view
adjustment is needed.
26. Scroll to the left and expand DC01.contoso.com by clicking the +
27. Expand the node with a GUID as a name by clicking the +, this will open a node with multiple
iSCSITargets which have been made available through that network adapter. Click the - next to
DC01.contoso.com to compress the node.
28. Scroll to the right and click the VirtualManagerDB. This is the virtual machine manager database
that has been previously created.
29. Scroll to the right and click the node titled VMMLibrary. This is the network share.
30. Scroll the far right and click on Windows Server 2012. Note that this is an offline VMware virtual
machine which is stored in the VMM library.
31. From the Monitoring Pane, expand Microsoft Windows Server and select Operating System
Performance. Under Legend, click Rule to sort the column alphabetically.
32. In the Rule column, find the Memory Available Megabytes Windows Server 2012 R2 entries and
check SCVMM01.contoso.com, DC01.contoso.com and SCOM01.contoso.com. Review the data
and then clear the checkboxes.
33. In the Rule column, find the Memory Pages Per Second Windows Server 2012 R2 entries and
check SCVMM01.contoso.com, DC01.contoso.com and SCOM01.contoso.com. Review the data
and then clear the checkboxes.
34. In the Rule column, find the Percent Memory Used entries and check SCVMM01.contoso.com,
DC01.contoso.com and SCOM01.contoso.com. Review the data and then clear the checkboxes.
35. In the Rule column, find the Processor Information % Processor Time Total Windows Server
2012 R2 entries and check SCVMM01.contoso.com, DC01.contoso.com and
SCOM01.contoso.com. Review the data and then clear the checkboxes.
36. In the Monitoring Pane, under Microsoft Windows Server, expand Health Monitoring and select
Disk Health and review the information.
37. In the Monitoring Pane, under Microsoft Windows Server, expand Health Monitoring and select
Network Adapter Health and review the information.
38. In the Monitoring Pane, under Microsoft Windows Server, expand Health Monitoring, expand
Operating System Events and select Services or Drivers Failing to Start and review the
information.
39. In the Monitoring Pane, under Microsoft Windows Server, expand Health Monitoring, expand
Operating System Events and select Unexpected Service Terminations and review the
information.
40. In the Monitoring Pane, expand Operations Manager and review the Active Alerts. Below
Operations Manager, select the Management Group Diagram node. Adjust the zoom so all the
information in the diagram is viewable.
41. Click the Data Access Service node and expand it by clicking +, review the node and then
minimize the Data Access Service node.
42. Expand Databases by clicking the +. Expand Data Warehouse by clicking the + and notice the
operations Data Warehouse manager has a relationship with SC0M01.contoso.com, as indicated
by the blue arrow. Minimize the node by clicking the - next to Data Warehouse.
43. Under Databases, expand Operations Database by clicking the +, and click the + next to All
Management Servers Resource Pool DB Watcher to expand the node.
44. With the All Management Servers Resource Pool DB Watcher node selected, click Health
Explorer from the right pane and review the information about the alerts by looking at the
Knowledge and State Change Event tabs. Close the window and minimize the Database node.
45. Expand Infrastructure Group by clicking the +. These are different roles within the operation
manager infrastructure.
46. On the far right, click on the + to expand the Web User Interfaces and note the different
operation manager web consoles that are also being monitored.
47. In the Monitoring Pane, expand Operations Manager and select Management Group Health and
review this pre-configured dashboard.
48. In the Monitoring Pane, expand Operations Manager and select Management Group Health
Trend and review the alerts that have recently appeared.
43. Feel free to browse some of the other infrastructure monitoring views. This lab includes views
that do not contain any data, as not all infrastructure components are deployed within this lab.
Other infrastructure views include:
a. App Controller
b. Data Warehouse
c. Microsoft Application Virtualization Server 5.0
d. Microsoft Message Queue 6.3
e. Microsoft Network Load Balancing
f. Microsoft Windows Internet Information Services
g. Microsoft Windows Server DHCP
h. Microsoft Windows Server DNS
i. Microsoft Windows Server File & iSCSI Services 2012
j. Microsoft Windows Server File Services
k. Microsoft Windows Server Update Services 2012 R2
l. Microsoft Windows Server Network Monitoring
m. Operations Manager
n. Service Manager
o. Service Provider Foundation
p. Synesthetic Transactions
q. System Center 2012 Configuration Manager
r. System Center 2012 R2 Data Protection Manager
s. System Center Orchestrator
t. UNIX/Linux Computers
u. Windows Azure Pack Monitoring
v. WS-Management and SMASH Monitoring
2.2.2 - SCOM: Monitor VMware Infrastructure

In this exercise a VMware infrastructure will be monitored by Operations Manager using a
Management Pack provided by Veeam. This management pack reports on the storage, networking,
virtual machines, hosts, clusters and more of the VMware vCenter infrastructure.
3. Browse to Veeam for VMware | _All Active Alerts.
4. Review the Alerts.

5. Select _vCenter Compute Topology.
6. In the Results pane, scroll down and expand Production Datacenter by clicking the “+” icon.
7. Scroll down and expand SRVGRE-PROD-CLU.

8. Review the impacted nodes. It is possible to adjust the view by using the zoom icons in the upper
toolbar.
9. Navigate to _vCenter Storage Topology.
10. Review the impacted nodes.

11. Expand the vSphere Host folder and select All Hosts.
12. Double-click the server srvgre-prod-esx1 to view properties about the object.
13. Navigate to vSphere Virtual Machine folder and click All Virtual Machines.
14. Review the results pane to see properties of the different VMs.
15. Click VMs by Guest OS.
16. Expand Performance Views and select All VMGuest Performance.
17. Right-click in the chart area and click Select Time Range.
18. Ensure that the range is set to the last 1 Hours and click OK.
19. In the Legend, add and remove counters to view performance data.
2.2.3 - SCCM: Manage Reports
In this exercise Configuration Manager reports will be reviewed using the web-based Report
Manager. Reports can be scheduled, emailed or viewed on-demand through the website.
Viewing these reports is not required for any other exercises, so feel free to skip ones that are
not interesting.
3. Expand Reporting and select Reports. This shows all the available reports from the Configuration
Manager Console.
4. Launch Internet Explorer and navigate to http://SCCM01/Reports. This is the Reports homepage.
5. Click the folder titled ConfigMgr_HQ1.
6. On the right hand side select the button called Details View. This organizes the display in a list
order. Feel free to adjust any future pages to this view.
7. Double-click on ConfigMgr_HQ1.
8. Open Asset Intelligence and click Hardware 01A - Summary of computers in a specific collection.
9. At the top of the page next to Collection click the drop down menu and select Contoso
Datacenter. Click View Report. This report includes basic inventory information for all of the
servers in the collection.
10. Return to ConfigMgr_HQ1 and click Compliance and Settings Management. Review the list of
reports that are available.
11. Return to ConfigMgr_HQ1 and click Device Management. Review the list of reports that are
available.
12. Return to ConfigMgr_HQ1 and click Hardware - Disk then run Count physical disk configurations.
This report shows the different sizes and quantities of disks throughout the organization.
13. Select the link for 102398 (1GB with a count of 15). This page displays all of the computers with a
disk of 1GB.
14. Return to Hardware - Disk and click Disk Information for a specific computer - Logical disks.
15. After Computer Name enter: DC01 then in the upper right corner click View Report. This will
show information about the different disks on this particular server.
16. Return to ConfigMgr_HQ1, click Hardware - General and then select Computer information for a
specific computer.
17. After Computer Name enter SCOM01 then click View Report. Review the information about this
particular server.
18. Return to ConfigMgr_HQ1 and click Network then select IP - Computers in a specific subnet.
19. Click the drop down next to IP Subnet and select 10.0.0.0 then click View Report. This report
shows the list of all the different network adapters within this particular subnet.
20. Return to ConfigMgr_HQ1 and click Operating System. Select Services - Computers running a
specific service.
21. Click the drop down next to NT Service Name and select Microsoft iSCSI Initiator Service then
click View Report. This displays all the computers running the iSCSI Initiator Service which allows
them to connect to remote iSCSI storage.
22. Return to the Operating System page and select Windows Server computers.
23. Click the drop down next to Collection and select Contoso Datacenter then click View Report.
This displays all the information about the Windows Server computers within this organizational
unit.
24. Return to ConfigMgr_HQ1 and click Software Distribution - Application Monitoring then select
All application deployments (advanced).
25. Return to ConfigMgr_HQ1 and click Software Distribution - Content then select All content.
Review the content which is available for distribution by Configuration Manager.
26. Return to ConfigMgr_HQ1 and click Software Updates - A Compliance then select Compliance 2 -
Specific software update.
27. For Collection click the drop down and select: HQ10000C - Contoso Datacenter, then click View
Report. This displays a list of software updates which have been deployed in the data center.
Note the column for % Compliant which shows how many of the servers meet the criteria for
compliance.
28. Return to ConfigMgr_HQ1 and click User - Device Affinity then select User device affinity
associations per collection.
29. For Collection Type select User for Collection select All users and users groups then click View
Report. This shows which devices have met the criteria for User Device Affinity.
30. From the upper left corner for Collection Type click Device. Under collection select Contoso
Datacenter. Click View Report. This shows who has accessed each of the different servers in the
data center.
31. Close Internet Explorer.
2.3 - SCOM: Create a Dashboard
2.3.1 - SCOM: Create a Custom Dashboard View

In this exercise a custom view will be created in Operations Manager to help the administrator
understand information about their datacenter components through rich visual displays.

3. Right-click on the top Monitoring node then select New | Dashboard View.
4. In the right-hand list of templates select Grid Layout and then click Next.
5. On the General Properties page in the Name filed, enter the text My Dashboard View and click
Next.
6. On the Specify the layout of the dashboard page, In the combo box at the top of the layout page
select 3 cells from the dropdown list.
7. In the layout template display select the first option (top left) which has two small panels above a
wider panel. With that template selected, click Next.
8. Click Create to register and load the new dashboard template.
9. When complete, click Close to close the wizard.
2.3.2 - SCOM: Add Widgets to the Dashboard

In this exercise several widgets will be added to the newly created dashboard. A widget is an
indicator showing the value, performance, alerts or some other data about a component monitored
by Operations Manager.

3. Expand Monitoring and click My Dashboard View then click the Click to add widget… link in the
center of the upper left panel, which opens the New Dashboard and Widget Wizard.
4. In the right hand panel of the wizard, select the State Widget and then click the Next button.
5. In the Name text box enter the text SQL Server State and click the Next button.
6. In the Specify the Scope page, click the blue plus (+) Add button above the list box.
7. In the Add Groups or Objects window, type SQL in the Enter text to filter the list of groups
textbox.
8. Select SQL Computers, and click the Add button to copy that group to the Selected Items.
9. Click OK.
10. After returning to the New Dashboard and Widget Wizard, select Next.
11. On the Specify the Criteria page, click Next.
12. On the Specify Display Preferences page, under the Columns to display heading check the Icon
and Maintenance Mode checkboxes.
13. Click Next.

14. Click Create. This will take a minute to complete.
15. Once the wizard has completed, click Close.
16. After returning to the Dashboard View, a summary of the health state of the SQL Servers will
appear shortly. Do not wait for this information to appear, continue to the next step.
17. Using the Operations Manager Console click the Click to add widget… link in the center of the
upper right panel, which opens the New Dashboard and Widget Wizard.
18. In the right hand panel of the wizard, select the Alert Widget and then click the Next button.
19. In the Name text box enter the text All Alerts.
20. On the Specify the Scope page, press Next.

21. On the Specify the Criteria page review the options, then press Next.
22. On the Display page review the options, then press Next.
23. Click Create on the Summary page.
24. Once the dialog has completed the actions, click Close.
25. Using the Operations Manager Console click the Click to add widget… link in the center of the
lower panel, this opens the New Dashboard and Widget Wizard.
26. In the right hand panel of the wizard, select the Performance Widget and then click the Next
button.
27. In the Name text box enter the text SQL Perf and click the Next button.
28. On the Specify the scope and Counters page, click the ellipsis (...) button.
29. In the Select a group or object page, type SQL in the text box.
30. Select SQL Computers and click OK.
31. On the Specify Scope and Counters page, click the Add button.
32. In the Object dropdown, click SQLSERVER:General Statistics.
33. In the Available Items pane select UserConnections (All) and Logins/sec (All) and click Add.
34. Click OK.
35. Click Next.
36. On the Time Range page, change the value to 72 Hours and click Next.
37. On the Specify the Chart Preferences page, click Performance Counter and click Next.
38. Click Create.
39. When it completes, click Close.
40. In the Monitoring tree, right-click My Dashboard View and click Add to My Workspace. If an
error message appears, close the Operations Manager Console, then open it again and repeat
this step.
41. Click OK.

42. Click My Workspace in the bottom left corner to move to that workspace.
43. Click My Dashboard View in the My Workspace view to see the newly created dashboard view.
2.4 - SCDPM: Backup the Infrastructure
2.4.1 - SCDPM: Backup Virtualization Infrastructure

In this exercise a virtual machine and Hyper-V host will be backed up by Data Protection Manager.

1. Open SCOM01, then open Server Manager from the Taskbar.
2. After the dashboard loads, select Manage | Add Roles and Features.
3. On the Before You Begin screen, click Next.

4. On the Installation Type screen, click Next.
5. On the Server Selection screen, select SCOM01.contoso.com, then click Next.
6. On the Server Roles screen, click Next.
7. On the Features screen, select Windows Server Backup, then click Next.
8. On the Confirmation screen, click Install.

9. Once installation begins, Close the Add Roles and Features Wizard. Do not wait until it runs to
completion.
10. Close Server Manager.

11. From SCDPM01, repeat steps 1 to 10.
12. Open the DPM Administrator Console by clicking the icon in the taskbar.
13. Navigate to the Protection workspace.

14. Click New on the ribbon.
15. Click Next on the Welcome screen.
16. On the Select protection group type screen, select Servers and click Next.
17. Expand Cluster-HyperV (Cluster), then expand SCVMM VM01 Resources, and Hyper-V. This may
take a minute. The virtual machine VM01 should be placed on Cluster-HyperV.
18. Expand SCOM01, then expand HyperV. This may take a minute.
19. Select the checkboxes for Host Component and Offline\VM01. This will backup both the newly
created VM and the host configuration. Click Next.
20. On the Select Data Protection Method page, in the Protection group name field, enter Hyper-V
Protection Group, then click Next.
21. On the Specify Short-Term Goals screen, keep the default settings and click Next.
22. On the Review Disk Allocation screen, keep the default settings and click Next.
23. On the Choose Replica Creation Method screen, keep the default settings and click Next.
24. On the Consistency check options screen, deselect the checkbox for Run a consistency check if a
replica becomes inconsistent, and click Next.
25. On the Summary screen select Create Group.

26. Click Create Group and wait until all the tasks complete.
27. Click Close to close the wizard.

28. In the Protection workspace, the Protection Status will display Replica creation in progress.
29. After a moment the Protection Status should display OK for the Host Component and Replica is
inconsistent for the Virtual Machine. The inconsistent replica is expected in this virtualized lab
environment because the virtual machine that was protected (VM01) has never been run and
registered its Volume Shadow Copy Service (VSS). Data Protection Manager uses the VSS when it
creates a backup, to ensure that the replica is consistent. A consistent backup means that any in-
progress transactions are either flushed or paused, so that the data does not change during the
backup, and it can be recovered successfully. Since Data Protection Manager cannot
communicate with the VSS writer for VM01, the backup may not have been consistent.
2.4.2 - SCDPM: Backup System Center Infrastructure
In this exercise a SQL Database that is used by System Center Operations Manager will be backed up
by Data Protection Manager.
2. Navigate to the Protection workspace.

3. Click New on the ribbon.
4. Click Next on the Welcome screen.

5. On the Select protection group type, select Servers and click Next.
6. Expand SCOM01 in the list of servers.

7. Expand All SQL Servers, then expand SCOM01. This may take a minute.
8. Select SCOM01, which becomes (Auto) SCOM01, to select all the SQL databases for Operations
Manager. The databases for other System Center 2012 components can also be protected using
DPM.
9. Expand SCVMM01 in the list of servers. This may take a minute.

10. Expand All Shares and select MSSCVMMLibrary. This will back up the files in a library server used
by Virtual Machine Manager.
11. A notification will appear. Click OK to close it.
12. Click Next.
13. On the Select Data Protection Methods tab, enter System Center Protection Group in the
Protection group name box and ensure the first option is selected, I want short-term protection
using: Disk. Click Next.
14. On the Select Short-Term Goals screen, review the settings then click Next.
15. If an Optimize Performance window appears, close the Optimize Performance window by
selecting Cancel. Click Next.
16. On the Review disk allocation, deselect Automatically grow the volumes, then click Next. The
disk size information may be different from the screenshot below.
17. On the Choose Replica Creation Method screen, ensure that Automatically over the network
and Now is selected, then click Next.
18. Click Next on the Choose consistency check options screen.
19. Click Create Group and wait until the tasks complete.
20. Click Close to close the wizard. This process will take several minutes to complete. Move on to
the next exercise while this completes.
2.5 - SCDPM: Recover the Infrastructure
2.5.1 - SCDPM: Recover Virtualization Infrastructure

In this exercise the Hyper-V host configuration will be restored from backup using Data Protection
Manager.
Exercise 3.4.1 - SCDPM: Backup Virtualization Infrastructure should be completed in order to

successful recover the host configuration information.

2. Navigate to the Recovery workspace.
3. From the left navigation pane, expand Recoverable Data | Contoso.com | SCOM01 | All
Protected HyperV Data | Host Component.
4. In the lower-center pane, select the Host Component item.

5. In the upper ribbon, click Recover.
6. In the Recovery Wizard, on the Review Recovery Selection screen, click Next.
7. On the Select Recovery Type screen, select Recover to original instance, then click Next.
8. The Specify Recovery Options screen, under Network bandwidth usage throttling, click Modify.
9. On the Throttle screen, select the checkbox for Enable network bandwidth usage throttling,
then click OK.
10. On the Recovery Wizard screen, click Next.
11. On the Summary screen, click Recover.
12. Wait a few minutes until the progress bar completes, then on the Recovery Status tab, ensure
that the status shows as Successful.
13. Click Close to complete the Wizard.
2.5.2 - SCDPM: Recover System Center Infrastructure

In this exercise a SQL database used by Operations Manager is restored from backup by Data
Protection Manager.
Exercise 3.4.2 - SCDPM: Backup System Center Infrastructure should be completed in order to
successful recover the System Center information.

2. Navigate to the to the Protection workspace.
3. Under Protection Group: System Center Protection Group verify that the status displays OK. If
the status indicates that the replica is still being created, wait until it finishes.
4. Select to the Recovery workspace.
5. From the left navigation pane, expand Recoverable Data | Contoso.com | SCOM01 | All
Protected SQL Instances | SCOM01 | ReportServerTempDB.
6. In the lower-center pane, select the ReportServerTempDB item.
8. In the Recovery Wizard page, confirm the settings and click Next.
9. On the Select Recovery Type screen, select Recover to original instance of SQL Server (Overwrite
database), then click Next.
10. On the Specify Database State screen, select Leave database operational, then click Next.
11. On the Specify Recovery Options screen, leave the default options, then click Next.
16. Navigate to Recoverable Data | contoso.com | SCOM01 | All Protected SQL Instances | SCOM01
| ReportServerTempDB.
17. In the details pane, under Recoverable Item select ReportServerTempDB.
19. In the Recovery Wizard, on the Review Recovery Selection screen, click Next.
20. On the Select Recovery Type screen, select Recover to original instance of SQL Server (Overwrite
database), then click Next.
21. On the Specify Database State screen, select Leave database operational, then click Next.
22. On the Specify Recovery Options screen, leave the default options, then click Next.
26. From the left navigation pane, expand Recoverable Data | Contoso.com | SCVMM01 | All
Protected Shares | MSSCVMMLibrary.
27. In the lower-center pane, select the VHDs item.

29. In the Recovery Wizard on the Review Recovery Selection screen, ensure that VHDs is selected,
then click Next.
30. On the Select Recovery Type screen, select Recover to original location, then click Next.
31. On the Specify Recovery Options screen, under Existing version recovery behavior, change the
selection to Skip, then click Next.

2.6 - SCCM: Secure the Datacenter
Saturday, February 15, 2014
6:50 PM
2.6.1 - SCCM: Manage Assets

In this exercise Configuration Manager will manage datacenter assets by creating minimum
hardware requirements and viewing different resources on managed clients.
2. Navigate to the Assets & Compliance workspace.
3. Navigate to Asset Intelligence | Hardware Requirements.

4. From the upper ribbon select Create Hardware Requirements.
5. In the Software title box enter: System Center SQL Server.
6. In the Minimum CPU box enter: 1000.
7. In the Minimum RAM (KB) box enter: 2048000 . This is equal to 2 GB.
8. In the Minimum Disk Space (KB) box enter: 10000000 . This is equal to approximately 10 GB.
9. In the Minimum Disk Size (KB) box: 20000000 . This is equal to approximately 20 GB.
10. Click Next.
11. On the Summary screen click Next.
12. Wait until the process completes and on the Completion screen click Close. This may take a
minute.
13. In the Hardware Requirements Search box enter: System Center
14. Click Search and note the newly created Hardware Requirement.
15. Select Devices from the navigation pane.
16. Select SCOM01, then from the upper ribbon click Device | Start, and when the drop down
appears select Resource Explorer.
17. Expand Hardware then click on several of the objects to view information about this server which
Configuration Manager is managing.
18. Close the Resource Explorer.
2.6.2 - SCCM: Manage Software Updates

In this exercise Configuration Manager deploys a group of updates to SQL Servers. Configuration
Manager has synced with Windows Server Update Services to see a list of updates that it can deploy.
The SQL Server updates are discovered and grouped together, then deployed to the SQL Servers.

2. Navigate to the Software Library workspace.
3. Expand Software Updates and select All Software Updates.

4. In the Search bar, enter SQL and click Search.
5. When the results appear, select all of the updates except the update for SQL Server 2000. There
will be 7 updates in this group.
6. Right-click the selected updates and select Create Software Update Group.
7. In the Create Software Update Group dialog box, enter SQL Server 2012 Updates in the Name
field and click Create. This will organize the selected updates as a logical group. This will take a
minute to complete.
8. Navigate to Software Updates and select Software Update Groups.

9. Select SQL Server 2012 Updates.
10. From the upper ribbon, click Show Members. This view will now show all of the SQL Server 2012
updates.
11. Sort the updates by title by clicking on the title column.
12. Select the first update, Microsoft SQL Server 2012 Service Pack 1 (KB2674319) and note the
details in the preview. If the preview pane is not visible, click the arrow in the lower right corner
to display the details.
13. Select the last update, Update Rollup for SQL Server 2012 Service Pack 1 (KB2793634) and note
that the servers are not compliant, as the update is required on 6 servers.
14. From the navigation pane, right-click SQL Server 2012 Updates and select Deploy. This will open
the Deploy Software Updates Wizard.
15. Enter SQL Updates as the Deployment Name.

16. After Collection, click Browse. On the Select Collection window, select Contoso Datacenter and
click OK.
17. Click Next.
18. On the Deployment Settings page, keep the defaults and click Next.
19. On the Scheduling page, keep the defaults and click Next.
20. On the User Experience page, keep the defaults and click Next.
21. On the Alert page, select the checkbox to enable Generate Operations Manager alert when a
software update installation fails.
22. Click Next.

23. On the Download Settings page, keep the defaults and click Next.
24. On the Deployment Package page, select Create a new deployment package, under Name, enter
SQL Deployment Package.
25. Under Package Source, enter \\SCCM01\d$\Updates.
26. Click Next.
27. On the Distribution Points Page, click Add, then select Distribution Point from the dropdown
menu. Select the checkbox for SCCM01.CONTOSO.COM and click OK.
28. Click Next.

29. On the Download Location page, keep the default selection and click Next. Configuration
Manager will not download any duplicate files. However, this lab is not connected to the Internet
which will cause this step to fail. This is expected, and designed this way so as to not disrupt the
other virtual machines and exercises in this lab.
30. On the Language Selection page, keep the defaults and click Next.
31. On the Summary page, review the information and click Next. Wait for the wizard to complete
running. It will complete with errors, this is expected as the lab is not connected to the Internet.
It would have also been possible to point to offline updates which have already been
downloaded, which are managed by a centralized Configuration Manager or a Windows Server
Update Services server. However, in order to optimize the size of this lab, the offline content was
omitted.
32. Click Close.
33. Navigate to Software Updates and select Deployment Packages. Click Refresh from the upper
ribbon and note that the newly created SQL Deployment Package is now available.
34. Select SQL Deployment Package from the results pane.
35. In the upper ribbon, select Update Distribution Points. This will upload any of the updates which
are part of this deployment package to the distribution points. On the prompt, click OK.
2.6.3 - SCCM: Manage Server Compliance

In this exercise a Configuration Baseline is created which ensures that all computers in a collection
meet a specific requirement, in this example it is a minimum SQL Server version number. Many of
these baselines can include an option to automatically remediate the computer if it drifts from that
desired setting.
3. Expand Compliance Settings and select Configuration Items.
4. From the upper ribbon, select Create Configuration Item.
5. On the General page, enter System Center SQL Configuration in the Name field.
6. Under Assigned categories to improve searching and filtering, click Categories. Select IT
Infrastructure and Server. Click OK.
7. After returning to the General page, click Next.
8. On the Supported Platforms page, unselect everything by unchecking the Select all box. Select
Windows 2008, Windows Server 2012 and Windows Server 2012 R2.
9. Click Next.
10. On the Settings page, click New. In the Name field, enter SQL Server Version Minimum. Under
Description, enter Requires version 11.0 or later.
11. Under Hive Name, select Browse. On the Browse Registry window, expand
HKEY_LOCAL_MACHINE | Software | Microsoft | MSSQLSERVER | MSSQLSERVER and select
Current Version. Note the Registry Value shows the current version of 11 or better.
12. From the Data type dropdown, select Version.

13. Click OK.
10. Click Apply.

11. Click the Compliance Rules tab.
12. Click New. For Name, enter Minimum Version Number.

13. For Rule type, select Value.
14. For The Setting must comply with the following rule, set SQL Server Version Minimum Greater
than and set the following values to 11.0.
15. Check Report noncompliance if this setting instance is not found.
16. Under Noncompliance for severity reports, select Warning.
17. Click OK. Click Apply and then click OK.
18. Click Next. On the Compliance Rules page, click Next.
19. On the Summary page, review the information and click Next. This will take a minute to
complete.
20. On the completion page, click Close.
21. Navigate to Compliance Settings | Configuration Baselines.
22. From the upper ribbon, select Create | Create Configuration Baseline.
23. In the Name field, enter System Center SQL Baseline. Under Configuration data, click Add.
Select Configuration Items from the dropdown.
24. On the Add Configuration Items page, filter for SQL.
25. Select System Center SQL Configuration, then click Add. Click OK.
26. On the Create Configuration Baseline page, click Add and click Software Updates.
27. Under Look for, enter SQL and click Find Now.
28. Select all of the updates, except for the first one (Update for SQL Server 2000) and then click OK.
29. Select Categories. On the Manage Administrative Categories page, select IT Infrastructure and
Server and click OK.
30. After returning to the Create Configuration Baseline page, click OK.
31. After returning to the Assets and Compliance workspace, in the Search bar enter SQL then click
Search.
32. Select the newly created baseline, System Center SQL Baseline. Right-click it and select Show
Members. This will create a new node under Configuration Baselines.
33. Right-click the System Center SQL Baseline node in the navigation pane and click Deploy.
34. On the Deploy Configuration Baselines page, Select Remediate noncompliant rules when
supported, Generate an alert, and Generate System Center Operations Manager Alert.
35. After Collection, click Browse.
36. Select the dropdown and change it to Device Collections. Select Contoso Datacenter.
37. Click OK to return to the Deploy Configuration Baselines page.
38. Click OK, this will deploy the configuration baseline.

39. Under Configuration Baselines, select Remote Connection Profiles.
40. In the right-pane select Contoso Remote Connections. In the upper ribbon, select Properties.
41. Select the Profile Settings tab, then for the Full name and port of the Remote Desktop Gateway
Server field enter ContosoRD.contoso.com:8080.
42. Click OK.
43. From the Remote Connections Profile view, click Contoso Remote Connections and from the
upper ribbon, click Deploy.
44. Under Collection, click Browse and select All Systems. Click OK.
45. Select the checkbox for Remediate noncompliant rules when supported.
46. Click OK to deploy the profile.
47. Select the Monitoring workspace and select Deployments.
48. Select System Center SQL Baseline and Contoso Remote Connections and from the upper ribbon,
select Run Summarization.
49. Click OK on the prompt. This will take several minutes to complete, so move on to the next
exercise.
2.6.4 - SCCM: Deploy Endpoint Protection Client
In this exercise the Endpoint Protection Client will be imported into Configuration Manager,
then deployed to different servers in the datacenter.
2. Navigate to the Administration workspace.
3. Click Client Settings.

4. Click Contoso Device Settings.
5. From the upper ribbon click Properties and click Endpoint Protection.
6. Review the settings. Under the Device Setting for Suppress any required computer restarts after
the Endpoint Protection client is installed drop-down select Yes.
7. Click OK.
8. Select Contoso Device Settings and from the upper ribbon click Refresh.
9. Select the Software Library workspace.
10. Navigate to Overview | Application Management | Applications.
11. Select Create | Create Application.

12. On the Create Application wizard on the General page select Manually specify the application
information and click Next.
13. Under Name, enter System Center Endpoint Protection.
14. On the Application Catalog page, under Publisher add Contoso IT.
15. Click Next

16. On the Application Catalog page, click Next
17. On the Deployment Types page click Add.
18. On the Create Deployment Type wizard, select Manually specify the deployment type
information. .
19. Click Next.
20. Under Name enter: System Center Endpoint Protection Deployment.
21. Click Next.

22. Under Content location click Browse and navigate to \\sccm01\d$\Program Files\Microsoft
System Center 2012 R2\Configuration Manager\Client and click Select Folder.
23. Under Specify the command used to install this client enter: D:\Program Files\Microsoft System
Center 2012 R2\Configuration Manager\Client scepinstall.exe /s
24. Click Next.
25. Under Detection Method click Add Clause button.
26. Under Type click the dropdown and select Folder.
27. Under Path type: C:\Program Files
28. Under File or folder name enter: Microsoft Security Client. Click OK.
29. Click Next.
30. Under User Experience, select the dropdown next to Installation behavior and select Install for
system.
31. Click Next.
32. On the Requirements page click Next.
33. On the Dependencies page click Next.
34. On the Summary click Next. Click Close.
35. After returning to the Create Application Wizard screen, click Next.
36. On the Summary screen click Next. This process will take a minute to complete.
37. When the Create Application Wizard is complete click Close.
38. Navigate to the Applications view, and note that the newly created System Center Endpoint
Protection is now available.
39. From the upper ribbon select Deployment | Distribute Content.
40. When the Distribute Content Wizard opens click Next.

41. On the Content page click Next.
42. On the Content Destination page click Add and select Distribution Point.
43. On the Add Distribution Points page select SCCM01.contoso.com and click OK.
44. Click Next.
45. On the Summary page click Next.
46. On the Completion page click Close.
47. On the upper ribbon select Deployment | Deploy.
48. On the General page under Collection select Browse.

49. From the dropdown in the upper left corner select Device Collection.
50. Select Contoso Datacenter.
51. Click OK.
52. Click Next.
53. On the Content screen select \\SCCM01.contoso.com and click Next.
54. On the Deployment Settings screen click Next.
55. On the Scheduling screen click Next.
56. Under User Experience click Next.
57. On the Alerts screen, select the checkbox next to Generate System Center Operations manager
alert when a software installation fails.
58. Click Next.

59. On the Summary screen click Next.
60. On the Completion page when the Deploy Software Wizard completes successfully click Close.
61. Navigate to the Monitoring workspace, select Deployments and select System Center Endpoint
Protection.
62. Expand the view in the Information pane by clicking the dropdown arrow on the right.
63. In the Navigation pane expand Endpoint Protection Status and select System Center 2012 R2
Endpoint Protection. Review the information on this page. The Configuration Manager agent
includes the Endpoint Protection agent and is already installed on many of the computers in this
lab environment which is why they may be reporting some information.
2.6.5 - SCCM: Configure Protection Policies

In this exercise new policies with be created in Configuration Manager as customized templates
which can be deployed in the datacenter. First a Windows Firewall Policy will be created which
defines customized firewall settings, then an Antimalware Policy will be created which defines
additional security settings for each server.
3. Browse to Endpoint Protection | Windows Firewall Policies.
4. From the upper ribbon, click Create Windows Firewall Policy.

5. For Name enter System Center Firewall Policy.
6. Click Next.
7. For Enable Windows Firewall:
 After Domain profile select Yes.
 After Private profile select No.
 After Public profile select No.
8. Under Block all incoming connections including those in the list of allowed programs click No.
9. Click Next.
10. On the Summary screen, click Next.
11. On the Completion screen, click Close.
12. Click the newly created System Center Firewall Policy.
13. From the upper ribbon click Deploy.
14. On the Deploy Windows Firewall Policy page under Collection click Browse.
15. Under Device Collection, click Contoso Datacenter and click OK.
16. After returning to the Deploy Windows Firewall Policy screen click OK.
17. Under Endpoint Protection, click Antimalware Policies.
18. From the upper ribbon, click Create Antimalware Policy.

19. On the Create Antimalware Policy page, next to Name enter Contoso Antimalware Policy
20. In the lower box select every checkbox. This will populate a list of tabs in the left column.
21. Click Scheduled scans. Review the information.
22. Click Scan settings and from the dropdown next to Scan network drives when running a full scan
click Yes.
23. Click Default Actions. Review the information.
24. Click Real-time Protection. Review the information.
25. Click Advanced.
26. On the Advanced page under Show notification messages on the client computer when the user
needs to run a full scan, update definitions, or run Windows Defender online click Yes.
27. Under Randomize scheduled scan and definition update start times (within 30 minutes) click
Yes. This will ensure that he start time of the scan across all the servers in the datacenter will be
staggered so that there is not a large spike in the CPU at the exact same time.
28. Click Threat overrides.
29. Click the Set button.
30. In the Configure Settings dialog box click Browse.
31. After Threat name click Find. This shows a list of pre-populated threats that System Center
Endpoint Protection will protect against.
32. Click Cancel to return to the Create Antimalware Policy screen.
33. Click Definition updates.
34. Review the information and click OK.
35. Select the newly created Antimalware Policy called Contoso Antimalware Policy.
36. From the upper ribbon click Deploy.
37. From Select Collection select Contoso Datacenter.
38. Click OK.

System Center 2012 R2 Lab 2: Infrastructure Monitoring: Hands-On Lab - Step-by-Step Guide

Uploaded by

Copyright:

Available Formats

System Center 2012 R2 Lab 2: Infrastructure Monitoring: Hands-On Lab - Step-by-Step Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

System Center 2012 R2 Lab 2: Infrastructure Monitoring: Hands-On Lab - Step-by-Step Guide

Uploaded by

Copyright:

Available Formats

System Center 2012 R2

Hands-On Lab | Step-by-Step Guide

For the VMs use the following credentials:

2.1.1 - SCOM: Introduction to Operations Manager

Estimated time to complete: 10 minutes

Perform the following on SCOM01

2. Navigate to the Monitoring workspace.

Estimated time to complete: 5 minutes

Perform the following on SCDPM01

2.1.3 - SCCM: Introduction to Configuration Manager

Estimated time to complete: 20 minutes

Perform the following on SCCM01

2. Navigate to the Assets and Compliance workspace.

2.2 - SCOM & SCCM: Explore Infrastructure Monitoring

2.2.1 - SCOM & VMM: Monitor the Fabric

Perform the following on SCVMM01

2. Navigate to the Settings workspace.

3. Select System Center Settings.

Perform the following on SCOM01

8. Navigate to the Monitoring workspace.

2.2.2 - SCOM: Monitor VMware Infrastructure

Estimated time to complete: 5 minutes

Perform the following on SCOM01

4. Review the Alerts.

7. Scroll down and expand SRVGRE-PROD-CLU.

9. Navigate to _vCenter Storage Topology.

10. Review the impacted nodes.

16. Expand Performance Views and select All VMGuest Performance.

Estimated time to complete: 15 minutes

Perform the following on SCCM01

2.3 - SCOM: Create a Dashboard

2.3.1 - SCOM: Create a Custom Dashboard View

Estimated time to complete: 2 minutes

2. Navigate to the Monitoring workspace.

2.3.2 - SCOM: Add Widgets to the Dashboard

Estimated time to complete: 8 minutes

2. Navigate to the Monitoring workspace.

13. Click Next.

20. On the Specify the Scope page, press Next.

41. Click OK.

2.4 - SCDPM: Backup the Infrastructure

2.4.1 - SCDPM: Backup Virtualization Infrastructure

Estimated time to complete: 10 minutes

1. Open SCOM01, then open Server Manager from the Taskbar.

3. On the Before You Begin screen, click Next.

8. On the Confirmation screen, click Install.

10. Close Server Manager.

Perform the following on SCDPM01

13. Navigate to the Protection workspace.

15. Click Next on the Welcome screen.

25. On the Summary screen select Create Group.

27. Click Close to close the wizard.

Estimated time to complete: 10 minutes

Perform the following on SCDPM01

2. Navigate to the Protection workspace.

4. Click Next on the Welcome screen.

6. Expand SCOM01 in the list of servers.

9. Expand SCVMM01 in the list of servers. This may take a minute.

2.5 - SCDPM: Recover the Infrastructure