Kacin Point

Community Driven Systems Management

The development of user generated content has taken the Internet by storm – but mostly we hear about websites such as MySpace, YouTube and Digg. However, there are other focused communities that have formed with a very positive impact on their readers and contributors. In the systems management area, one such community leading the way is AppDeploy.com. This site offers computer administrators a free and easy way to search for answers and best practices with command line switches, registry information, feature articles, reviews, product summaries, message boards, downloads and more – all organized by application and vendor. Over the past 10 years, this website has grown to 100,000 unique monthly visitors with over 16,000 registered and contributing members. 


At KACE, we realized that if we could deliver the information available on AppDeploy.com directly into the KBOX Systems Management Appliance that we could make it exceptionally easy for KBOX customers to gain valuable information when they need it, without having to search for it. Even more powerful and to the benefit of all systems administrators (whether they use KBOX or not), we’ve been able to use the growing KBOX community to automatically collect information and make it available through AppDeploy.com. This has enabled the AppDeploy database to expand to over 60,000 titles.  These two ideas together form the basis of AppDeploy Live.


AppDeploy Live is a breakthrough in systems management bringing together two communities to solve the everyday issues that computer administrators face. As a KACE founder, our initial vision to “make systems management more like TiVO and less like systems management” is one step closer in coming true.

June 27, 2007 in IT Management | Permalink | Comments (1) | TrackBack (0)

Seeing Green – Ecologically and Money

Going green could help get you out of the red.  Within IT, “saving power” is a hot topic and really a multidimensional win for everyone – saving energy, money, and the ecology all in one shot!

Here are some ways of maximizing your green by using your IT Automation solution:


Automatic Computer Shutdowns

Decide on a good time to schedule the automatic shutdown of end-user computers.  End-user machines (as opposed to servers or network gear) are likely to be unused during some portion of the day/night and weekends.  When automatically shutting down those machines, instantiate policies that:

A)      Automatically detect that the machine is idle and/or

B)      Prompt the user nicely if this is an OK time to power down the machine


Clearly you don’t want to auto-down a machine that has open/unsaved files or a machine that the user is still currently using.  I recommend tying together one of the policies above with the actual shutdown procedure.  The nice thing about prompting the user before shutdown is that it not only reminds them to save changes; it allows them to defer the shutdown until they are done working for the night.  This is an optimal approach as the machine will only be powered up while it is in actual use – no guessing required.  As with KBOX, users have the option to defer (snooze) actions per various time intervals allowing them to balance “schedule interruptions” with their work schedule.  Definitely include detailed info in your system tray or desktop messages about when the shutdown will occur exactly and that the users should save and close all windows in a timely manner.  Always, provide extended “time outs” to your user shutdown messages allowing ample time for the user to over-ride the shutdown sequence.


Additionally, I really like including the monitor shutdown and/or screen saver actions directly within the above policy or script definition.  Where possible, I would include actions to sleep connected USB devices or other peripherals.  A bonus with KBOX scripts is that they can be executed even when the end-users computer is off of the corporate network - the auto-down scripts can even be scheduled differently for weekend days when the machine might be at the user home.  This doesn’t necessarily save the corporate dollar but still maximizes the overall utility of power management.

If you really want to get fancy with KBOX Scripts, auto-down scripts could automatically verify if certain user processes are currently running prior to prompting the user for shutdown.   In this way, if the user is away from their computer, you can still safely and gracefully shutdown the machine without worry for application data loss.


When to Wake-on-LAN

WOL is great facility that should be integrated into all systems management solutions.  However, just because you have the ability to wake a machine automatically, doesn’t mean you should.  For the machines that fall into the “end user” category as described above, I would recommend to only automatically wake those machines if one of the following conditions exist:

1)       The target population of machines is scheduled to have software patches, updates, or new installations.  In this case, schedule the maintenance to be performed “at boot” of the system so that long updates can be triggered from the moment the computer awakes allowing the computer to be ready for use by the time the user arrives.

2)       The target population is scheduled to have a full lengthy security scan or other routine maintenance performed either for that specific day or as part of a daily routine.  WOL will allow the user to bypass necessary but unproductive waits that could occur during long scans or maintenance activity.

3)       The target population of machines is scheduled to undergo maintenance during a time period where no users will actually be in attendance.  For example, services a computer pool on a Saturday morning when users will not be working nor available to power up the machines themselves.


I’m a believer that outside of these conditions, end users should normally just be allowed to power on their own computers at the beginning of their work day.  I don’t think anyone will be (or should be) too shunned by having to wait a minute or two before gaining access to their desktop at the start of the day.  The benefit is that only machines really in use that day will be powered up at all.


WOL nicely fits into the ongoing management and power savings of “server” machines.  Everyone’s server environment is different, but with a flexible automation solution, you should be able to create a policy or script that mirrors your server and server application production environment with power savings activities.

Additionally, “guest machine pools” or “kiosk” machines are great candidates for automatic shutdown and wake.  Depending on the corporate environment, these types of machines are rarely used during off business hours.


Other Resources

As an aside, ENERGY STAR, which is sponsored by the US Environmental Protection Agency and US Department of Energy, has developed some standards in this area and even supplies software that can facilitate energy management. Check out the energy savings calculator to see how the green translates to the real world affects. 

And, thanks to all the KBOX users that deployed such energy savings measures well before it became popular!

March 20, 2007 in IT Management | Permalink | Comments (2) | TrackBack (0)

Where Oh Where Can My Assets Be?

KACE has just announced an upgrade to the original KBOX 1000 Series appliance. The new upgrade has a number of items but the big one that I want to write about today is our enhancements around IT asset management.  Asset management is one of those phrases that can mean different things to different people – and is certainly thought of differently depending on the size of the organization managing those assets.

Many of the KBOX customers had no real asset management prior to their purchasing a KBOX – or if they did it was a spreadsheet that logged the hardware when it was purchased and who it was initially assigned to. For those customers, just having the KBOX report in real time the status of the hardware and software on their network was a huge step forward in “asset management”. However, as our customers became more sophisticated in their use of the KBOX and as we attracted larger organizations, we saw the need to bring in additional asset management features.

The new KBOX Asset Management module really provides the features needed to audit, track and reconcile traditional computer assets (hardware and software) as well as any non-computer asset you want to enter. The database includes the flexibility to add new asset types and relationships, custom fields and you can import data as well.  Full vendor, contract and service information can be included. The computer assets are integrated into the real-time computer inventory of the KBOX. Unlike other asset management solutions, we do not have separate databases that have to be synchronized so all the information is always up-to-date. Complete asset history including asset relationship changes over time is now available with the KBOX (a feature that was requested many times by current KBOX customers). Of course, software metering/licensing and reconciling financial and asset data is now available. And, it’s all driven using a flexible built-in reporting engine - or export the data or use ODBC with your own reporting tool.

As CTO at KACE, I have to comment on another major technical difference between the KBOX implementation and others. Since we continue to be focused on the KISS principle (Keep It Simple, Stupid) we never want to add complication to the rollout of the KBOX. Therefore, we don’t heap new agents onto client machines to add to the complexity and management. Instead, with the help of some of our really good engineers, we have an extensible KBOX Agent that allows us to add support for new functionality into one agent making for easier management and higher reliability. Oh, lastly, I almost forgot to mention that the KBOX Asset Management Module is fully integrated into the standard KBOX user interface – not designed by some other group and then bolted on at the last minute.

March 01, 2007 in IT Management | Permalink | Comments (0) | TrackBack (0)

Getting Some Recognition for the KBOX

This week KACE issued a press release about a new analyst paper published by Enterprise Management Associates (EMA). The paper does an outstanding job of really highlighting the benefits of the KBOX – especially against our largest competitors: Altiris, LANDesk and Microsoft’s SMS. The conclusion of the paper makes me proud. As some of you may remember back in my first blog entry, I talked about how we founded KACE because we wanted to bring Tivo-like ease-of-use, rollout and cost, especially to organizations with less than 5000 computers. Well, just four years later, it’s nice to see outside recognition that we are delivering on that promise. Quoting from the conclusion of the report:

“Each of these solutions has different strengths and limitations, and each enterprise must meet its own require­ments, but it is clear that KBOX appliances from KACE provide substantially equivalent—and in some cases superior—capabilities to Altiris, LANDesk, and Microsoft SMS in critical disciplines. It may not be suitable for all enterprises, but KBOX appliance pricing is very competitive, and as an appliance-based solution avoids the high hardware and software costs, and related maintenance effort, required by its major competitors. Factoring in these costs, a KBOX solution can cost as little as one quarter of its software-only rivals. With its ease of use and fast time-to-value, KBOX appliances present a very attractive alternative to Altiris, LANDesk, or Microsoft SMS.”

Now, some folks might be skeptical and think that KACE wrote this paper or controlled what EMA said in the paper. I went and grilled our marketing team, just to be sure. Here’s what they told me:

KACE did indeed contract with EMA and specifically with senior analyst Andi Mann to do the research and write this report. We asked that it be an apples-to-apples competitive comparison of the four vendor’s products. We have done analyst briefings with Andi over the past year about the KBOX and the value of an Appliance-based approach – the same briefings we’ve done with analysts from other firms. Beyond that, the paper was researched and written by Andi and others at EMA.

You may ask, why did KACE pay to have this paper written? It turns out that vendor’s who products are focused exclusively on the mid-market (or the Fortune 100,000 as we like to call it) have a tough time getting coverage from the larger analyst firms such as Gartner and Forrester. Those firms focus primarily on very large enterprises (Fortune 500) and the vendors that cater to those enterprises. For instance, to be included in the Gartner Magic Quadrant on PC Lifecycle Management a vendor has to support environments of >35,000 users as demonstrated by customer references. The only way KACE can get coverage is to commission a report. Of course, we’re not the only vendor that pays. A rather larger percentage of the reports generated by the analyst community are vendor sponsored. After all, they too have to earn a living!

However, even when a report is commissioned by a vendor, a reputable firm such as EMA will only publish what they independently have researched to be true. That’s why I’m excited about this latest EMA report. It really does recognize, in quantifiable terms, the savings that KBOX can offer and shows that we have, in a very short period of time, created a product that is on par with companies that have been around a lot longer then we have. I’m proud of what KACE has accomplished with the KBOX….and even more excited about what’s to come. So stay tuned!

February 16, 2007 in IT Management | Permalink | Comments (0) | TrackBack (0)

When it's time to change, you've got to rearrange...

The Energy Policy Act of 2005 established dozens of new policies designed to promote energy efficiency in the US. Little did legislators know that it would also produce a computer glitch reminiscent (albeit on a small scale) of the infamous Y2K bug.

It turns out that this legislation included a provision that altered the start and end date for Daylight Savings Time. Who cares? Your computer cares.

While the potential for disaster here does not rival the overblown Y2K phenomenon, there is potential for erroneous performance in the computing world. Computer operating systems and applications, of course, depend on clocks and time to coordinate everything from calendaring to messaging to file storage and more.  There’s actually a good, in-depth write-up on the implications for computer systems on the IEEE IT Professional Web Site.

So, once again, it’s recall time…and the race is on. Computer users and IT managers are on the hook to determine which machines are likely to suffer problems and apply the appropriate fixes before March 11, 2007. For organizations to be fully prepared, they’ll need an organized IT staff, reasonably powerful tools for identifying which computers need repair and automation capabilities for deploying patches and updates on computer platforms of all types.

Microsoft (MSFT: www.microsoft.com ) has made this relatively easy for customers deployed on Windows XP by providing discrete OS patches for this problem; however, things aren’t so easy for customers on older Windows 2000 platforms or mixed environments that could include Linux, Unix or Macintosh. And, even in the most straightforward case, customers still must verify that these patches have been uniformly applied to their computing infrastructure.  And, once they’ve patched the OS, they’ll need to verify that there are no application-level problems that they should expect.

All of this reinforces the recurring theme that it’s important for organizations of all sizes to have accurate data about what systems are in use and how they are configured. What’s more, they need tools that can easily and accurately apply configuration changes, repairs or new software to existing systems. Many Fortune 1000 companies have either developed or purchased systems with these capabilities. However, it’s the next 100,000 companies (the Fortune 100,000 as we like to call it) who have had limited access to solutions that provide continuous insight and instantaneous repair/remediation capabilities.

That’s why KACE (www.kace.com) developed the KBOX product line – an all-in-one, appliance-based offering that provides continuous lifecycle management. We’ve made a business of providing the Fortune 100,000 with the IT Automation tools that give them the visibility they need to identify which systems will be affected by problems (like the Daylight Savings Time change) and to repair those systems once identified.

February 05, 2007 in IT Management, Web/Tech | Permalink | Comments (0) | TrackBack (0)

Altiris shareholders win; customers pay the price

As a company that competes with Altiris (ALTRS: www.altiris.com), we at KACE (www.kace.com) have been following the rumors that Altiris has been shopping itself for over a year.  We first heard the rumor during the summer of 2005 and the rumor mill has been consistent on the topic since then.  Altiris has enjoyed a huge stock run-up in recent months jumping from about $16 in July to over $32 today presumably on acquisition rumors and one key partnership announcement – so shareholders ought to be pleased. 

Unfortunately for Altiris customers and Symantec (SYMC: www.symantec.com) shareholders, this marriage was not made in heaven.

(see the press release)

So what’s the good, the bad and the ugly of this deal?

  1. The Good: Security and Systems Management Together

    The central message and rationale for this combination is that security and systems management go hand-in-hand from the customers’ perspective.  We agree that good systems management practices are a cornerstone to any reasonable security strategy.  We would even argue that Systems Management is the umbrella underneath which security ought to be rightfully managed.  So, Symantec, congratulations on a bold move!
  2. The Bad: Product Overlap and Integration Challenges

    While there are some product synergies in this deal, there are also some areas of potential conflict.  For example, both Altiris and Symantec have been at one another’s throats regarding Imaging and Systems Deployment capabilities.  Ghost is Symantec’s main play in this space and Altiris has their own technology and the two have been in a patent feud for some time.  Will these two now become one?  And, what of Symantec’s Policy Management and Compliance Management capabilities… how will they mix with Altiris’ solutions in this space?  My guess is that the center of gravity from a development perspective will remain with Symantec and, therefore, the Altiris installed base will be adapt to these changes or look for other solutions.
  3. The Ugly: Symantec is Embattled and Has a History of Failed Acquisitions

    Most pundits agree that Symantec is in a world of hurt.  Microsoft is going right after their core business with their Vista platform (adding more core security capabilities) and, to make matters worse, Symantec has suffered recent earnings misses.   All of this on top of continued accusations that they’ve failed to properly integrate and capitalize on both large and small acquisitions in the past (e.g., Veritas, ON Technology, Sygate).  If Symantec fails again, it will come at a high price to Altiris customers who have spent close to a billion dollars deploying Altiris solutions into their companies.
  4. The Good (for KACE): Jekyll & Hyde Meets the Mid-market

    Altiris likes to talk about its position in the mid-sized enterprise, but the reality is that they’ve buttered their bread in the enterprise space.  Symantec suffers a split personality with extensive support for individual consumer customers and the enterprise; yet, they’ve failed to develop strong products for the Fortune 100,000 (the 100,000 companies that fall just outside the Fortune 1000).  To be clear, Symantec has large market share in all segments.  The question is whether or not they can deliver systems management products into this important mid-market segment.  We think not. 

    What the mid-market really cares about is ease-of-use, good value and a complete solution.  These are three things that Symantec/Altiris cannot deliver given all of the challenges outlined above and it seems clear that they will not for a very long time.  And, these are three things that create an open playing-field for companies like KACE.

Raising the awareness that Systems Management is core to any security is a good thing.  And, we believe, end-point systems management will drive the systems management and security markets for years.  Will Symantec be able to put the pieces together and emerge with a suite of market leading products?  We don’t think so.

If you’re interested in what others think about this topic, one interesting blog from Alan Shimel sums up the opinions of several others.

January 30, 2007 in Mid-market, Web/Tech | Permalink | Comments (24) | TrackBack (0)

Agent-based vs. agentless technology--do we have to choose?

We all know that a lot of IT departments are working under impossible resource limitations and time constraints, yet they’re still expected to deal with the latest security issues that threaten at every moment. So IT staff need the best tools to help them respond quickly and effectively to emerging threats without taking on any additional systems management hassles.

Agent-based solutions give a lot of in-depth systems visibility and control, but they also require a lot of resources and time to manage them. And while agentless platforms cost a lot less to deploy and manage, some IT professionals think they also offer less comprehensive functionality than agent-based solutions.

So what’s really best—agent-less or agent-based operations? Both bring a lot of positives to the table, so it all depends on your point of view:

Agentless pros:
•    No client footprint
•    True instant deployment
•    No provisioning requirements

Agent-based pros:
•    Allows total administrative control of machine
•    Ensures interoperability of 3rd party software
•    Gives ability to perform lower-level functions

These days, agentless solutions are more capable than ever, and newer “hybridized” solutions using both agentless and agent-based allow companies to reap the benefits of both. EMA wrote in a 2005 case study that “companies should consider altering their monitoring strategy to use an agentless solution throughout the enterprise supplemented by agent-based point solutions where appropriate.”

At KACE, we tend to agree that systems management is best served by a combination of agentless and agent-based technologies, so we built our KBOX Series 1000 appliances to take advantage of that. KBOX 1000 Series offers agent support for Windows, Mac, Solaris and Linux, manages agent and agentless nodes, and uses both managed virtual agents and agent-less network scanning for systems inventory. It brings the best of both worlds to mid-market companies.

January 23, 2007 in IT Management, Web/Tech | Permalink | Comments (3) | TrackBack (0)

Cisco Validates Appliance-based Software Delivery

A lot of people were interested in the January 4 announcement that Cisco is purchasing IronPort for $830 million (well, at least they were interested in IronPort news before the iPhone argument between Apple and Cisco got in full swing).

IronPort, a five-year-old, privately held company, makes appliances for Web security and management. From our perspective, this deal certainly seems like a big validation that appliance-based software has an important place in enterprise software ecosystem.

But this notion of appliance-based delivery still seems to be flying under the radar a bit.

In an unscientific search, I found:
- 500 stories on Google News on the Cisco, IronPort acquisition.
- 114 of those stories mentioned anything about an appliance.

If we’ve learned anything this week, it’s that KACE is onto something with Appliance-based Software Delivery (AbSD). It’s just a matter of time before the press realizes how big this appliance thing is.

January 18, 2007 in Appliance-based software delivery | Permalink | Comments (3) | TrackBack (0)

Unified management console consolidates your company's security efforts

Stand-alone products that help control and manage desktops, laptops and servers on your network (plus all those Blackberries, cell phones and other mobile network-ready devices) are all well and good. But having a bunch of management products can be a pain--especially with growing concerns about end point vulnerabilities and security. A unified management console (UMC) can alleviate these issues by giving IT managers a comprehensive view of their entire network and the condition and security status of networked devices, all at once.

UMCs do away with the need for multiple management access points, making it easier to deploy, configure and manage your security efforts across the network. UMCs enable IT admins to see and gain access to the entire network landscape from one place, allowing easier and more effective management of all networked devices. They help reduce overall costs of these tasks by allowing IT staff to perform them from one place, improving overall manageability and end point security. UMCs also make it simpler to integrate security tools from multiple vendors.

Reporting is another big pain that a UMC can help alleviate. With a UMC, network-level and end-point-level policies and reports are performed in the same context, allowing a real-time, top-to-bottom picture of the network. At KACE, we wanted to bring these benefits to our customers in an affordable, easy-to-use appliance, so we developed KBOX 1000 Series Systems Management Appliances with the KBOX Management Center.

The KBOX Management Center is a Web-based unified management console that enables all administrative functions from any network-allowable location, and when used with KBOX Security Audit and Enforcement Module, it manages 3rd-party security software and solutions. With KBOX 1000 appliances, IT staff can find and remediate problems quickly, reducing the time have to they spend finding and fixing security vulnerabilities, and allowing them to redirect their efforts toward strategic IT initiatives that boost your company’s ability to move forward.

December 29, 2006 in Security | Permalink | Comments (0) | TrackBack (0)

Technorati Profile

December 21, 2006 | Permalink | Comments (0) | TrackBack (0)

»

About

Recent Posts

  • Community Driven Systems Management
  • Seeing Green – Ecologically and Money
  • Where Oh Where Can My Assets Be?
  • Getting Some Recognition for the KBOX
  • When it's time to change, you've got to rearrange...
  • Altiris shareholders win; customers pay the price
  • Agent-based vs. agentless technology--do we have to choose?
  • Cisco Validates Appliance-based Software Delivery
  • Unified management console consolidates your company's security efforts
  • Technorati Profile
Subscribe to this blog's feed

Categories

  • Appliance-based software delivery (4)
  • IT Management (7)
  • Mid-market (2)
  • Security (3)
  • Software as a Service (2)
  • Web/Tech (5)
See More