When it's time to change, you've got to rearrange...

The Energy Policy Act of 2005 established dozens of new policies designed to promote energy efficiency in the US. Little did legislators know that it would also produce a computer glitch reminiscent (albeit on a small scale) of the infamous Y2K bug.

It turns out that this legislation included a provision that altered the start and end date for Daylight Savings Time. Who cares? Your computer cares.

While the potential for disaster here does not rival the overblown Y2K phenomenon, there is potential for erroneous performance in the computing world. Computer operating systems and applications, of course, depend on clocks and time to coordinate everything from calendaring to messaging to file storage and more.  There’s actually a good, in-depth write-up on the implications for computer systems on the IEEE IT Professional Web Site.

So, once again, it’s recall time…and the race is on. Computer users and IT managers are on the hook to determine which machines are likely to suffer problems and apply the appropriate fixes before March 11, 2007. For organizations to be fully prepared, they’ll need an organized IT staff, reasonably powerful tools for identifying which computers need repair and automation capabilities for deploying patches and updates on computer platforms of all types.

Microsoft (MSFT: www.microsoft.com ) has made this relatively easy for customers deployed on Windows XP by providing discrete OS patches for this problem; however, things aren’t so easy for customers on older Windows 2000 platforms or mixed environments that could include Linux, Unix or Macintosh. And, even in the most straightforward case, customers still must verify that these patches have been uniformly applied to their computing infrastructure.  And, once they’ve patched the OS, they’ll need to verify that there are no application-level problems that they should expect.

All of this reinforces the recurring theme that it’s important for organizations of all sizes to have accurate data about what systems are in use and how they are configured. What’s more, they need tools that can easily and accurately apply configuration changes, repairs or new software to existing systems. Many Fortune 1000 companies have either developed or purchased systems with these capabilities. However, it’s the next 100,000 companies (the Fortune 100,000 as we like to call it) who have had limited access to solutions that provide continuous insight and instantaneous repair/remediation capabilities.

That’s why KACE (www.kace.com) developed the KBOX product line – an all-in-one, appliance-based offering that provides continuous lifecycle management. We’ve made a business of providing the Fortune 100,000 with the IT Automation tools that give them the visibility they need to identify which systems will be affected by problems (like the Daylight Savings Time change) and to repair those systems once identified.

Altiris shareholders win; customers pay the price

As a company that competes with Altiris (ALTRS: www.altiris.com), we at KACE (www.kace.com) have been following the rumors that Altiris has been shopping itself for over a year.  We first heard the rumor during the summer of 2005 and the rumor mill has been consistent on the topic since then.  Altiris has enjoyed a huge stock run-up in recent months jumping from about $16 in July to over $32 today presumably on acquisition rumors and one key partnership announcement – so shareholders ought to be pleased. 

Unfortunately for Altiris customers and Symantec (SYMC: www.symantec.com) shareholders, this marriage was not made in heaven.

(see the press release)

So what’s the good, the bad and the ugly of this deal?

1. The Good: Security and Systems Management Together
   
   The central message and rationale for this combination is that security and systems management go hand-in-hand from the customers’ perspective.  We agree that good systems management practices are a cornerstone to any reasonable security strategy.  We would even argue that Systems Management is the umbrella underneath which security ought to be rightfully managed.  So, Symantec, congratulations on a bold move!
2. The Bad: Product Overlap and Integration Challenges
   
   While there are some product synergies in this deal, there are also some areas of potential conflict.  For example, both Altiris and Symantec have been at one another’s throats regarding Imaging and Systems Deployment capabilities.  Ghost is Symantec’s main play in this space and Altiris has their own technology and the two have been in a patent feud for some time.  Will these two now become one?  And, what of Symantec’s Policy Management and Compliance Management capabilities… how will they mix with Altiris’ solutions in this space?  My guess is that the center of gravity from a development perspective will remain with Symantec and, therefore, the Altiris installed base will be adapt to these changes or look for other solutions.
3. The Ugly: Symantec is Embattled and Has a History of Failed Acquisitions
   
   Most pundits agree that Symantec is in a world of hurt.  Microsoft is going right after their core business with their Vista platform (adding more core security capabilities) and, to make matters worse, Symantec has suffered recent earnings misses.   All of this on top of continued accusations that they’ve failed to properly integrate and capitalize on both large and small acquisitions in the past (e.g., Veritas, ON Technology, Sygate).  If Symantec fails again, it will come at a high price to Altiris customers who have spent close to a billion dollars deploying Altiris solutions into their companies.
4. The Good (for KACE): Jekyll & Hyde Meets the Mid-market
   
   Altiris likes to talk about its position in the mid-sized enterprise, but the reality is that they’ve buttered their bread in the enterprise space.  Symantec suffers a split personality with extensive support for individual consumer customers and the enterprise; yet, they’ve failed to develop strong products for the Fortune 100,000 (the 100,000 companies that fall just outside the Fortune 1000).  To be clear, Symantec has large market share in all segments.  The question is whether or not they can deliver systems management products into this important mid-market segment.  We think not. 
   
   What the mid-market really cares about is ease-of-use, good value and a complete solution.  These are three things that Symantec/Altiris cannot deliver given all of the challenges outlined above and it seems clear that they will not for a very long time.  And, these are three things that create an open playing-field for companies like KACE.

Raising the awareness that Systems Management is core to any security is a good thing.  And, we believe, end-point systems management will drive the systems management and security markets for years.  Will Symantec be able to put the pieces together and emerge with a suite of market leading products?  We don’t think so.

If you’re interested in what others think about this topic, one interesting blog from Alan Shimel sums up the opinions of several others.

Agent-based vs. agentless technology--do we have to choose?

We all know that a lot of IT departments are working under impossible resource limitations and time constraints, yet they’re still expected to deal with the latest security issues that threaten at every moment. So IT staff need the best tools to help them respond quickly and effectively to emerging threats without taking on any additional systems management hassles.

Agent-based solutions give a lot of in-depth systems visibility and control, but they also require a lot of resources and time to manage them. And while agentless platforms cost a lot less to deploy and manage, some IT professionals think they also offer less comprehensive functionality than agent-based solutions.

So what’s really best—agent-less or agent-based operations? Both bring a lot of positives to the table, so it all depends on your point of view:

Agentless pros:
•    No client footprint
•    True instant deployment
•    No provisioning requirements

Agent-based pros:
•    Allows total administrative control of machine
•    Ensures interoperability of 3rd party software
•    Gives ability to perform lower-level functions

These days, agentless solutions are more capable than ever, and newer “hybridized” solutions using both agentless and agent-based allow companies to reap the benefits of both. EMA wrote in a 2005 case study that “companies should consider altering their monitoring strategy to use an agentless solution throughout the enterprise supplemented by agent-based point solutions where appropriate.”

At KACE, we tend to agree that systems management is best served by a combination of agentless and agent-based technologies, so we built our KBOX Series 1000 appliances to take advantage of that. KBOX 1000 Series offers agent support for Windows, Mac, Solaris and Linux, manages agent and agentless nodes, and uses both managed virtual agents and agent-less network scanning for systems inventory. It brings the best of both worlds to mid-market companies.

Thinking about Vista for security? Think again

The number of zero-day security flaws coming from Microsoft have been staggering lately. Probably not the press they needed leading up to the launch of Vista for businesses.

There are some rumblings that Vista will have improved manageability features. We don't know a lot about these yet, but we do know that responsible organizations don't focus just on perimeter security, but also end point security. This means you have to coordinate between security and systems management.

With more employees connecting devices to the corporate network such as PDAs and cell phones, security risks are as prevalent as ever. In a recent white paper, we offered up 5 tips for ways to tie together systems management and your security efforts.

You should note we don’t list "Buy Vista" among our suggestions.

Battery recalls tying up your mid-market organization? KBOX 1000 sniffs out IT inventory problems

The recent spate of laptop battery recalls—first Dell, and then Apple—left a lot of IT employees scrambling to determine which machines in their company inventory were on the potential hit list. Sending technicians to run a machine-by-machine check is time consuming, and when you throw in the wild card of dispersed offices and telecommuting, there’s a big chance that someone will miss a laptop here or there.

Similarly, requiring each member of the company’s user community to check their own laptops cuts into productivity, creates frustration, and is ultimately unreliable due to user error or slow reaction and compliance. 

Creating and maintaining an up-to-date record of equipment that spans all company locations (including telecommuters) might help a beleaguered IT department conduct a more targeted check, but who has the time and resources that this kind of perpetual upkeep requires?

In any case, these high-profile recall events made many IT managers aware of gaping holes in their current inventory tracking methods, and probably left them wondering how to prepare for the next inevitable threat.

At KACE, we’ve asked ourselves that question, and we think we’ve answered it in our KBOX 1000 Series Systems Management Appliances, the newest version just launched last week. The KBOX 1000’s hardware inventory functionality allows network-wide device discovery, so that IT managers can track and account for every machine—desktops, servers and laptops running Windows, Linux and MacOS—on the network. This helps quickly pinpoint machines by make and model, allowing for a more focused effort to find those with battery problems, or the many other issues that befall IT equipment at all hours of the day and night.

You can’t prevent these events from affecting your mid-sized organization, but with KBOX 1000 Series, you’ll at least know where to look first.