Software tools simplify PC roll-out and patch
management.
Organisations are constantly looking for ways to reduce the
overheads from cost of service and repair to equipment downtime,
and improve the cost efficiency of their IT assets. Desktops are
one of the most expensive areas.
There is a raft of tools that enable the IT department to manage
desktops more efficiently, from roll-out to maintenance. But just
how practical is this, and how much do these management products
let you manage?
The desktop environment continues to become more complex every
year, with new technology, new hardware and new software.
Typically, companies refresh their IT at intervals ranging from 18
months to three years.
Rolling out new hardware, software, or both is time consuming
and involves huge costs. And problems posed by keeping the desktop
environment up-to-date do not stop there. Software patches have to
be installed regularly and walking to 500 machines to update them
manually is simply not practical or cost effective. It is even less
so when the machines are distributed around branch offices.
The solution? Manage the desktop remotely from central
locations. Considerable savings can be made by taking advantage of
the latest desktop management technologies. You can now get tools
for software upgrades and patches, hardware and software asset
management, software distribution, and support services.
A new ISO standard has been ratified and lists the elements that
should be addressed by software asset management. This is a good
guideline for companies as to what can be achieved through managing
the desktop software effectively.
With the advent of Windows 2000 and Active Directory, IT
departments benefited by gaining increased control of desktops
through the introduction of features like Group Policies, which
allow the environments of selected numbers of desktop users to be
managed as one.
Since then organisations have seen many upgrades to hardware,
and the use of laptops for mobile working has become prevalent. The
new mobile environment and distributed computing poses an obvious
question: why have many companies not moved to a managed
desktop?
Rob Grange, IT solutions consultant for Bull Information
Systems, believes that some of the problems are inherent in the
existing technology.
"Most of the comprehensive management software packages are
overbearing and have proved cumbersome or require a significant
investment in skilling of staff, with limited results or
acceptance. The increase in laptop use has also made it harder to
deploy. Some niche technologies have seen a resurgence as a result.
Citrix has benefited from companies changing and using the
technology as a strategic solution," he says.
Many organisations see thin client technology as a way to allow
applications to be accessible to groups of users without the need
to replace the entire hardware infrastructure. Since the operating
system and applications are run centrally, software upgrades and
deployment is easier and more cost-effective to manage than the
traditional desktop model.
Thintop provides a range of management products for both Citrix
servers and desktops that will provide remote control of
deployment, inventories and patch management.
However, Grange believes previous technical obstructions are
also disappearing, "Business applications can be better managed
centrally and with the improvements in communications (ADSL/3G data
networks) there is no longer a significant barrier to access," he
says.
As history demonstrates, rolling out new hardware and software
can be a risky business, but Barry Varley, chief executive at
testing consultancy Acutest, believes a more effective approach to
testing is needed, since about 50% of testing undertaken by British
businesses before roll-out is unnecessary.
"We analysed the testing of a number of our customers and found
that, while managers thought they had identified 60% of the
potential problems in a roll-out, they had only identified 16%," he
says.
A common practice is to test only the more visible large
applications before roll-out, but it can often be the smaller
applications that are overlooked by testing that can cause system,
and ultimately business, failures.
Acutest research shows that managers typically allow only half
the time needed for testing systems, so it is clear why the testing
programme often becomes squeezed before deployment.
To save costs, time and reduce the risk of business failure,
Varley says, "IT departments need to adopt a risk-based approach to
testing and involve business managers to find out what applications
are business-critical before testing."
With some companies refreshing 30% of their PC environment each
year, the physical process of rolling out new hardware, software or
both adds weight to already overstretched IT departments.
Getronics' Rapid Deployment eXperience (RDX) service works with
Microsoft's Business Desktop Deployment technology to allow remote
deployment of software on the desktop.
RDX includes a discovery and management tool to find what
hardware is in use in the organisation, allowing the IT department
to assess whether PCs are capable of being upgraded with the latest
operating systems and applications.
RDX creates a controlled operating environment image to suit the
typical business groups, such as finance, HR or marketing, with
specific applications then added on top. Once this has been
established Getronics uses a remote toolset to push the
applications out to the desktop.
This service is aimed at companies with more than 500 desktops
to update and maintain, and installations have covered as many as
700,000 seats distributed around the world. Getronics believes that
labour costs on roll-outs can be reduced by at least 40%, and
savings on on-going management can amount to between 10% and
25%.
Savings through the use of zero-touch technology are so large
because of the reductions in engineers' time and travel, as well as
the speed with which new technology can be implemented.
Maintenance can also be undertaken with the RDX service,
allowing the remote rebuilding of software on PCs, resetting of
passwords, and setting up share systems. The technology is also
relevant to applying patches to operating systems and
applications.
The constant stream of software patches put out by software
suppliers can be a significant burden on the IT department. The
large system management applications allow patches to be pushed out
to the desktop, but there are also additional products and services
that are available solely for managing what can be a long and
painful process.
Alan Bentley, UK managing director of PatchLink, specialising in
patch management, says patching involves gathering information
about the IT environment.
"In all there are 15 critical steps to patch management, and
companies need to improve the accuracy and reduce the risk in
applying upgrades," he says. "Risk can be assessed against what
will happen if you don't patch, or apply a patch to a machine that
doesn't need it or that it is incorrect for."
PatchLink's Update provides IT departments with access to a
repository of patches that PatchLink gets direct from the software
suppliers. The patches are tested against 250 different
configurations, repackaged for the relevant configuration, are
digitally signed by PatchLink and can be pulled down on an SSL
link.
Patches are available for different platforms including Windows,
Mac, AIX, and Solaris and, by the end of this year, support is to
be provided for the mobile platforms.
Broader desktop management systems such as solutions from 1E,
Symantec, Altiris, Monactive and Computer Associates, provide an
even greater element of control to the IT centre. Some products
allow the IT centre to stipulate when machines are powered down,
and what services are available during certain hours.
SecureWave's Sanctuary products, for instance, enable IT centres
to specify which executables are allowed to run, which USB devices
can be connected and what information can be saved to external
sources.
So while the days of engineers travelling around the country are
not gone, at least they may not have to do it so frequently, or
with armfuls of CDs.
Centralised IT management products
Altiris's Client Management Suite provides
centralised management of mixed hardware and operating system
environments, zero-touch operating system deployment and migration,
integrated hardware and software inventory with web-based
reporting, policy-based software management, and automated patch
management.
Computer Associates' Unicenter enables asset
discovery and tracking, software packaging and distribution,
software usage monitoring and automated patch distribution. It also
provides IT with the ability to retrieve and save data from the
desktops before rebuilding begins. Its DNA product also helps with
migration by storing the user settings before changing operating
systems.
IBM's Tivoli Configuration Manager is aimed at
enterprises for migrating and deploying PCs, automating software
and patch distribution, and managing inventory. The latest version
offers automation technology for delivery of patches and works with
the Tivoli suite of products that cover the entire enterprise.
1E's products deliver control in the Windows
environment and their patch management module enables PCs to be
booted and unlocked remotely, and patches delivered, documents
saved and users logged off. Its SMSNomad Branch specifically
enables central management of PCs in branch offices, removing the
need for an SMS server to be placed at each location, with OSD
Branch providing deployment and migration of operating systems to
remote branches.
Monactive's Activesam product provides
management tools for Microsoft, Citrix and Unix platforms, and
integrates information on daily usage, inventory and licence
agreements as well as identifying misuse of computers and
software.
Symantec's On Command and LiveState products
incorporate the technology and products from the PowerQuest
acquisition, and provide a complete suite for patch management,
enterprise-wide roll-outs of new platforms including Windows, Linux
and Pocket PC, asset management, and device control and
monitoring.
What is active management technology?
Intel's new AMT tools bring the ability to manage hardware from
the server onto the desktop, allowing system administrators to
reboot and repair PCs independent of the system's status.
Hardware information is stored in flash memory that is
inaccessible to users, but is scanned at first power-up before the
operating system loads.
This information is accessible remotely, and technology already
exists to boot an inactive system remotely through network
controllers.
Keyboard control can be redirected to the system administrator
who then has the power to boot the remote device from an external
source over the network, and from there can work to repair and
restore a system.
AMT is part of a cross-platform management initiative that sees
Intel working with major manufacturers to design a set of industry
specifications and interfaces that will allow more control of the
desktop.
Fujitsu Siemens has announced the first PCs to incorporate AMT,
the Esprimo E5905 desktops, and main desktop management
applications will be able to retrieve the information stored in the
flash memory and incorporate it into their feature set.
Intel's own IT department believes AMT will save the company at
least $16m (£9.2m ) annually in asset management and client
computer support.
ISO/IEC 19770: standard for risk, cost and
competitiveness
This new standard was developed as a guide to what issues
software asset management should address:
- Risk management - to impact the risk of interruption to IT
services; the risk of deterioration in the quality of IT services;
the risks of legal and regulatory exposure through non-compliance;
and the risk of damage to the company image arising from these
incidents.
- Cost control - through possible reductions in the direct costs
of software and related assets, through better negotiating of
pricing and contracts; reductions in time and cost in negotiating
new contracts through better asset information; reductions in costs
through better forecasting and budgeting for future investment;
reduction in infrastructure costs by assessing whether management
processes are efficient and effective; reduction in support
costs.
- Competitive advantage - better quality decision making (for IT
procurement and system development) through better infrastructure
information; faster deployment of new systems and increased
functionality; the ability to manage transitions in IT environments
especially when due to business acquisitions, mergers or demergers;
better employee motivation and client satisfaction due to fewer IT
problems.