According to recent studies, most IT managers are failing in their objectives to manage their company’s desktop environment - a failure that continues to drive up the cost of ownership for PCs. Is there a simple solution?
Managing the Cost and Complexity of Desktop PCs
Over the past several years, IT managers have been struggling with the ever-increasing strain of managing desktop PCs. Because nodes are continually being added to the network and PC vendors are constantly introducing more sophisticated operating systems and applications, IT managers are always behind the curve trying to keep the desktop updated and supported. This challenge is magnified by the tendency of end users to add new (and potentially disruptive) software and hardware to their PCs.
The sheer number of PCs on the network also creates administrative problems. Distributing something as simple as an upgraded device driver throughout the organisation can become a major, time-consuming operation. And because few organisations replace all of their PCs at one time, multiple generations of technologies are typically present simultaneously, exacerbating support problems.
IT managers are also faced with the additional support burden that comes with putting significant computing power in the hands of non-technical employees. This support burden includes direct and indirect training costs, the costs associated with either creating an internal PC help desk or contracting for outside support services, and the so-called "shadow costs" associated with co-workers who become informal help desk support for their colleagues.
These escalating costs associated with managing the desktop environment are well documented, but the solution is far from clear. In fact, there are numerous ways in which companies have tried to lower the cost of PC ownership over the last several years, from top-down management to moving to a new generation of network computers. None of these approaches is either inexpensive or, thus far, effective. The following is a look at these conventional approaches and an overview of a far more cost-effective and demonstrably successful solution: boot ROM technology.
Top-down management and networked computers
First let's look at the top-down management approaches that companies traditionally rely on to get their desktops under control. Essentially, there are three approaches: integrated management toolsets, desktop standardisation, and installing network or diskless computers.
Integrated management toolsets
Integrated management toolsets or frameworks are a customised set of tools provided by vendors. Historically, these toolsets are expensive to build and maintain, and there is always a lag between the management tools and desktop changes, which usually results in the management toolset being six to nine months behind the PC environment.
Another typical strategy that IT managers use is to standardise the desktop in order to make it more manageable. With desktop standardisation, all PC configurations are kept strictly identical and only one vendor's products are purchased. Not only does this eliminate variations, it also allows vendor-specific management tools to be employed with good results.
Disadvantages of this approach include a loss of creativity and vendor lock-in. Uniformity is not what spurred the explosion of PC-based LANs. Adaptability and choice were ( and still are ( the driving forces behind the technology. By standardising the desktop, companies risk losing the value of the personal computing environment. Strict desktop standardisation also requires that companies commit to a single vendor or technology, which may limit migration options and other choices later.
The network computer
One of the hottest issues in the IT community today is the so-called network computer or diskless computer. The network computer is workstation specifically designed to eliminate the management headaches associated with the conventional PC. The network computer loads applications and data from LAN servers. By centralising applications and data at the server, a network computer gives IT managers centralised control of these resources.
There are several downsides to the network computer, including:
( The cost of retooling the corporate computing environment with a radically new computing paradigm
( The complexity of a mixed environment of existing PCs and network computers
( Uncertainty over a new, unproven architecture and a lack of availability of these new devices
( The additional burden that network computers would place on the network in terms of additional traffic
( The vulnerability of end users in case the network goes down.
The boot ROM alternative
There is an alternative to all of the above approaches that is inexpensive, available today, and able to solve a significant portion of desktop management issues. This solution is network booting using boot ROM technology. Network booting does more than ensure proper power-up; it also runs diagnostics, checks for viruses, and picks up system changes before the operating system even loads. In fact, this simple, proven solution has the ability to lower the total cost of PC.
Boot ROMs are firmware-equipped chips that are installed on the network interface card (NIC) at the desktop. When the PC is powered on, the boot ROM immediately directs the PC to boot from a set of configuration files (or boot images) located on network file servers. Boot ROMs provide much more effective control of desktop configurations than software-based solutions, which must wait for the PC to fully boot and attach itself to the network before they can act on it. In fact, simply adding a NIC with boot ROM capabilities achieves much of the same result as diskless computers without spending thousands of pounds to replace each existing PC.
The benefits of boot ROM
There are numerous advantages to using boot ROM technology, including its flexible design, ease of use, security, cost savings, and migration support. These and other benefits are discussed in the sections that follow.
Boot ROMs give network managers the option of using centralised booting or a combination of centralised and remote booting. Administrators can eliminate the headaches of file distribution associated with booting from local hard drives and even forego local hard drives altogether. Or they can continue using local hard drives for specific applications and/or data storage functions.
More efficient updates
Rather than having to copy files out to hundreds of individual desktops ( and flood the network with additional traffic ( IT managers can make changes at a single point and update hundreds or thousands of clients in just minutes. And because all changes are executed on the file server, boot file changes can be executed even when PCs are turned off or in use.
Because IT managers can execute updates with less time and effort, they are more likely to make incremental modifications that they would previously have avoided. Such system "tweaks" can often optimise workstation performance or resolve chronic, but relatively minor, problems. By streamlining the change process, boot ROMs make it more practical for IT managers to make these small but important changes that would otherwise not be worth the effort.
Server-based booting eliminates the possibility of end users altering their boot files during the course of the workday. The nature of desktop operating systems makes it easy for users to cause these kinds of changes without even realising it, as they make other seemingly innocuous adjustments to their machines. The resulting problem may not surface until the next time they power up their PC.
Boot sector viruses are extremely dangerous, because they can attack files before most conventional virus protection software can take effect. Client PCs are generally much more exposed to common sources of virus infection, such as infected floppies or unauthorised software. By maintaining pristine boot files on the server, LAN administrators can ensure that client PCs boot without activating these viruses, allowing anti-virus applications to do their work effectively. The use of anti-virus firmware in the boot ROM virtually eliminates the possibility of infection from any known source.
There are other security benefits as well. When a PC boots from the server, access to critical boot files is restricted to IT staff, and connections to secure servers can be blocked.
Reduced support costs
Rather than requiring extended local boot image configuration, LAN administrators can quickly build network-ready workstations. The combination of PC, LAN adapter, and boot ROM is as close to a plug-and-play solution as the industry currently offers.
Studies show that nearly half of all help desk calls are related to booting problems. Because the failure to boot properly often results in an inability to attach to the network, all of the remote management tools at the administrator's disposal are of no use. As a result, technicians have to walk to the user's office to resolve the problem, which is far more labour-intensive and expensive. It also means that the end-user is down longer, which translates into reduced productivity for the organisation. Boot ROMs instantly eliminate the high percentage of support calls related to the failure of PCs to boot properly.
Protects equipment investments
Perhaps the most compelling argument in favour of using boot ROMs is that no massive retooling or reinvestment is required. Boot ROMs are available today for most leading brands of NICs. The implementation costs for retrofitting existing PCs with boot ROMs are very low and the incremental cost for purchasing new PCs with boot ROMs pre-installed is even less.
Boot ROMs provide good investment protection as well. Boot ROMs are equipped with flash memory, so they can be software-upgraded as new requirements emerge.
Suitable for distributed organisations
In many industries with distributed operation ( such as airlines, retailers, financial institutions, etc ( hundreds of machines have to be powered up simultaneously, as soon as the company opens for business. If these companies use conventional remote booting with Trivial File Transfer Protocol (TFTP), each client that requests a file or group of files starts its own TFTP service. This massive requirement for I/O on the server can cause severe network congestion or even a server crash.
Alternatively, these companies can take advantage of multicast booting, which enables large numbers of PCs to boot simultaneously while appearing to the network and the server as a single client. When one PC requests a file or group of files, the other PCs simply "listen in" on the network and pick up the transmission. After the requesting machine has booted, the listening PCs request any missing information and the server broadcasts that information to the remaining machines.
A user-friendly solution
One final advantage of network booting is that it is completely transparent to the end-user and requires no intervention on their part. This means no extra training and no support hassles. For those users who might need to override a network boot, IT managers can enable this feature easily. And if users encounter any difficulty with a modified boot image, they can easily toggle to a pristine image on the server ( without calling a help desk or losing valuable time.
Boot ROMs are a proven technology; over four million PCs have been equipped with boot ROMs over the past decade, with consistently outstanding results. However, until now this solution has not been highly publicised. The only reason more PCs and NICs aren't shipped with boot ROMs is that users haven't demanded it. It is therefore up to technology consumers to specify this inexpensive and highly effective desktop management solution as part of their equipment requirements. It is time for the industry to take another look at a tried-and-true approach that's been quietly waiting for higher recognition ( boot ROMs, the solution for managing the desktop.
Compiled by Richard Pitt from the 3Com website
Read more on PC hardware
The University of Kingston is about to start the second phase of a desktop virtualisation project to migrate off Windows XP.
Speaking at IP Expo, Daniel...