Be Microsoft’s first and best customer Enabling world-class and predictable customer, client, and partner experience Protecting Microsoft’s physical and digital assets

Tokyo Dublin Singapore 3M+ messages per day internally 99.99% availability 99.99% availability 104,000 end users 83 countries 334,000+ PCs and devices 9,000 Servers 10,000 network devices Single Instance SAP (1.9Tb Db) 441 buildings 9.5M+ remote connections/month 111,000+ server accounts Redmond Reno SVC(BC/DR)

Centralized IT operations Reduced operation costs Required for effective standardization Federated Business Systems Groups Regional representation Account managers are the “face” of IT in regions Provides understanding of local business and cultural issues Allows for local accountability and involvement with the business – Links IT service levels directly to localized business drivers

Centralization Monitoring and Incident Management centralized Centralized change and release processes Remote Server to staff ratio of 450:1 143 offices connected over internet Consolidation A 30% reduction in Infrastructure Servers Microsoft exchange down from 74 to 4 sites globally More than 1500 virtual machines at 16:1 guest to host ratio Microsoft DPM (eliminated 115 tape libraries) Automation 85% alerts auto- ticketed Decreased duplicate/ NPF tickets by 90%. Alert/ ticket ratio of 1.4 Single MOM console

Core Infrastructure Management Services Network Operations Data Center Server Operations Telephony Operations Database Operations Application performance monitoring Desktop Management Patch management Software deployment Image management Data Protection Services Identity Management Messaging and Collaboration Support Virtual Server and Storage utilities

MOM 2007 Centralized Management Console IT Config CMDB Trouble Ticketing Third-Party Network Events Server MOM 2007 Events Messaging Events LOB Application Events Out-of-box integration Custom integration

Remote access clients/dial-up Workgroups Secure Net Devices ~270,000 Labs & Pilots ~38,000 Devices managed through SMS: ~265,000 IPSec Datacenter : ~16,000 Desktops : ~211,000 Separate SMS Hierarchies ● Cooperative computer management model ● IT & users working together ● Other misc. special testing hierarchies ● Completely centralized administration All Devices ~330,000

Mitigate risk to the infrastructure through implementation of four key strategies Enforce Secure Key Assets Secure the Network Interior Secure the Network Perimeter Secure Wireless Smart Cards for RAS Network Access Protection Patch Management IPsec Segmentation Smart Cards for Admin Access IPSec for key assets Strong enforcement

Wireless Access Point User Provisioning ISA configuration (FW) & Policies Wireless Access Point Forwarding ACLs RRAS/ISA SE (VPN) configuration & policies ISA (Proxy) Configuration & policies ISA (FW) configuration & policies Router ACLs Router IAS / NAP configuration & policies DHCP configuration & policies Health Certificate Server (PKI) configuration & policies ADAM User Provisioning SharePoint Domain Controller Wireless Access Point LOB App Domain Controller Router ACLs Forwarding ACLs Fix up resources PKI configuration & policies User Provisioning Domain Controller SharePoint LOB App Forwarding & Infrastructure ACLs RRAS configuration & policies Infrastructure ACLs Forwarding & Infrastructure ACLs

Guidance Developer Tools Systems Management Active Directory Federation Services (ADFS) Identity Management Service s Information Protection Encrypting File System (EFS) BitLocker™ Network Access Protection (NAP) Client and Server OS Server Applications Edge