###BeginCaseStudy###
Topic 3: Northwind Traders
No. of Questions: 10
Overview
Northwind Traders is an IT services and hosting provider.
Northwind Traders has two main data centers in North America. The data centers are located in the same city. The data centers
connect to each other by using high-bandwidth, low-latency WAN links. Each data center connects directly to the Internet.
Northwind Traders also has a remote office in Asia that connects to both of the North American data centers by using a WAN link. The
Asian office has 30 multipurpose servers.
Each North American data center contains two separate network segments. One network segment is used to host the internal servers
of Northwind Traders. The other network segment is used for the hosted customer environments.
Existing Enviornment
Active Directory:
The network contains an Active Directory forest named northwindtraders.com. The forest contains a single domain. All servers run
Windows Server 2012 R2.
Server Enviornment:
The network has the following technologies deployed:
Service Provider Foundation
Windows Azure Pack for Windows Server
System Center 2012 R2 Virtual Machine Manager (VMM)
An Active Directory Rights Management Services (AD RMS) cluster
An Active Directory Certificate Services (AD CS) enterprise certification authority (CA)
All newly deployed servers will include the following components:
Dual 10-GbE Remote Direct Memory Access (RDMA)-capable network adapters
Dual 1-GbE network adapters
128 GB of RAM
Requirments
Business Goals:
Northwind Traders will provide hosting services to two customers named Customer1 andCustomer2.
The network of each customer is configured as shown in the following table.
Planned Changes:
Northwind Traders plans to implement the following changes:
Deploy System Center 2012 R2 Operations Manager.
Deploy Windows Server 2012 R2 iSCSI and SMB-based storage.
Implement Hyper-V Recovery Manager to protect virtual machines.
Deploy a certificate revocation list (CRL) distribution point (CDP) on the internal network.
For Customer 1, install server authentication certificates issued by the CA of Northwind Traders on the virtual machine in the hosting
networks.
General Requirements:
Northwind Traders identifies the following requirements:
Storage traffic must use dedicated adapters.
All storage and network traffic must be load balanced.
The amount of network traffic between the internal network and the hosting network must be minimized.
The publication of CRLs to CDPs must be automatic.
Each customer must use dedicated Hyper-V hosts.
Administrative effort must be minimized, whenever possible.
All servers and networks must be monitored by using Operations Manager.
Anonymous access to internal file shares from the hosting network must be prohibited.
All Hyper-V hosts must use Cluster Shared Volume (CSV) shared storage to host virtual machines.
All Hyper-V storage and network traffic must remain available if single network adapter fails.
The Hyper-V hosts connected to the SMB-based storage must be able to make use of the RDMA technology.
The number of servers and ports in the hosting environment to which the customer has access must be minimized.
Customer1 Requirements:
Northwind Traders identifies the following requirements for Customer1:
Customer1 must use SMB-based storage exclusively.
Customer1 must use App Controller to manage hosted virtual machines.
The virtual machines of Customer1 must be recoverable if a single data center fails.
Customer1 must be able to delegate self-service roles in its hosted environment to its users.
Customer1 must be able to check for the revocation of certificates issued by the CA of Northwind Traders.
The users of Customer1 must be able to obtain use licenses for documents protected by the AD RMS of Northwind Traders.
Certificates issued to the virtual machines of Customer1 that reside on the hosted networks must be renewed automatically.
Customer2 Requirements:
Northwind Traders identifies the following requirements for Customer2:
Customer2 must use iSCSI-based storage exclusively.
All of the virtual machines of Customer2 must be migrated by using a SAN transfer.
None of the metadata from the virtual machines of Customer2 must be stored in Windows Azure.
The network configuration of the Hyper-V hosts for Customer2 must be controlled by using logical switches.
The only VMM network port profiles and classifications allowed by Customer2 must be low-bandwidth, medium-bandwidth, or highbandwidth.
The users at Northwind Traders must be able to obtain use licenses for documents protected by the AD RMS cluster of Customer2.
Customer2 plans to decommission its AD RMS cluster during the next year.
###EndCaseStudy###
You need to recommend changes to allow Customer1 to delegate permissions in its hosting environment to its users.
Where should you recommend performing each task? To answer, select the appropriate location for each task in the answer area.
Hot Area:
Answer: 
Explanation:
with certbase
In the section requirements of Customer1 states:
Can delegate Customer1 must self-service user roles to his colleagues.
Applies To: System Center 2012 SP1 – Orchestrator, System Center 2012 R2 Orchestrator
Service providers can use Service Provider Foundation technology to offer infrastructure as a service (IaaS) to their clients. If a service provider has a front-end
portal for clients to interact with, Service Provider Foundation makes it possible for the clients to access the resources on their hosting provider’s system without
making changes to the portal.
The following illustration provides a high-level view of how Service Provider Foundation operates.
The tenant represents a hoster’s customer, and the tenant has assets on the hoster’s system. Each tenant has their own administrators, applications, scripts, and
other tools.
The hoster provides tenants with the environment, which can include virtual machines. The hoster has an existing front-end portal, which all tenants can use. On the
back end, the hoster has a collection of resources, which is called the fabric. The hoster allocates those resources into discrete groups according to the hoster’s
needs. Each of these groups is known as a stamp. The hoster can then assign the tenant’s resources to stamps in whatever manner is appropriate to the hoster.
The resources may be divided across several stamps, according to the hoster’s business model scheme. Service Provider Foundation makes it possible for the
hoster to present a seamless user experience to the tenant by aggregating the data from each stamp and allowing the tenant to use the Service Provider
Foundation application programming interfaces (APIs) to access that data.A stamp in Service Provider Foundation is a logical scale unit designed for scalability that provides an association between a server and its System Center 2012
Service Pack 1 (SP1) components. As tenant demand increases, the hoster provides additional stamps to meet the demand. Note that Service Provider Foundation
System Center 2012 SP1 supported only one type of stamp; that is a single server that has Virtual Machine Manager (VMM) installed.
Service Provider Foundation does not configure clouds; instead, it manages their resources. Virtual machines are set to clouds, for example, when they are created
for VMM or when they are created by the T:Microsoft.SystemCenter.VirtualMachineManager.Cmdlets.New-SCVirtualMachine cmdlet.
The hoster can have a portal client, which faces the tenant, that provides access to the infrastructure that the hoster has granted. The portal uses an extensible
representational state transfer (REST) API to communicate with the web service by using the OData protocol. The claims-based authentication verifies the tenant’s
identity and associates it with the user role that the hoster assigns.
Service Provider Foundation uses a database to aggregate the tenant resources, which are managed with Windows PowerShell scripts and Orchestrator runbooks.
This makes it possible for the hoster to distribute tenant resources among management stamps in whatever way it decides, while to the tenant the resources are
easy to access and appear contiguous.
https://technet.microsoft.com/en-us/library/jj642897.aspx
