Feature:

Seizing control of the desktop

7 April 2005

Old-style client/server systems became expensive to maintain and update because of the ease with which users could change a standard configuration. Newer methods of desktop management are returning control to IT managers and resulting in significantly reduced costs, as Adam Lawrence reports.

When the development of the PC and the advance of client/server architecture put paid to the dominance of the mainframe in the 1980s, users cheered. Compared to mainframe terminals, even early PCs offered the user much greater power and flexibility. PCs and client/server networks spread rapidly, and users' productivity improved dramatically.

As time passed, though, the downside of the client/server revolution became clear. With user information, applications and the like stored on individual PCs, and the inevitable desire of users to install particular tools suited to their own specific needs, it was extremely difficult for IT and network managers to keep control of the software in use or the configuration of machines.

This confusion costs money, both directly and indirectly. Lack of control over software purchasing leads to waste, but lack of control over what applications are installed can be even more expensive: networks that have evolved in this way are characterised by multiple configurations, different versions of applications, incompatibility and very high support costs. Collaboration is made far more difficult when users have incompatible systems, and building point solutions to solve compatibility issues is time-consuming and costly.

Technological developments provide the solution. An organisation that has a common platform for all its IT, that has control over the deployment of applications to end users, and that can automate as much of its support activities as possible, is an efficient organisation. And, with systems based on the current generation of Microsoft technologies, these goals are becoming a reality.

The challenge of desktop management can be divided roughly into application deployment and management, identity management, security, and support. All need to be under close control if costs are to be kept down and the potential for collaboration is to be realised.

Managing the desktop in an organisation of any size is complex because of the sheer number of machines in use. Maintaining a support infrastructure of qualified and experienced engineers is an expense that most organisations can well do without: support, especially on-site support, costs a great deal of money.

One popular option is outsourcing. Passing the responsibility for managing the IT infrastructure to a specialist provider offers the possibility of reduced cost and better service ? and also, critically, a payment model that resembles a utility service rather than the traditional, capital intensive, approach to IT development ? but it is not always straightforward. Global Microsoft partner Getronics has extensive experience in providing outsourced solutions, and, as Getronics' Patrick Whitten explains, cost savings are dependent on clients embracing new technology. "On-site support can be up to ten times more expensive than moving to a remotely managed model," he says. "So the more services we can handle remotely, or the user can deal with through self-service, the better. For example, automatic password reset allows users to self-serve in this regard, but it is also tightly integrated with their security solutions. We've also introduced our RDX (Rapid Deployment eXperience) process to deploy applications from a central location at low cost: that can produce big savings."

Getronics' utility model allows clients to upgrade their technology without incurring massive capital costs, but the process of transferring can itself produce pains. "Legacy technology can be expensive to maintain, so there's an incentive for clients to migrate to newer solutions," says Whitten. "We work with clients, embracing their current platform, but it's always helpful to move to new technologies that are better suited to this kind of environment." Some may fear that this utility approach is a one-size-fits-all solution, ill-suited for organisations in which different users will have different needs, but Whitten emphasises this isn't the case. "It's important to align services with individuals' needs," he says. "A mobile salesman needs different tools from an administrator. But the need for central control of services doesn't change."

There are two basic ways to deal with the complexity of a typical desktop environment, says Gavin Bonny of HP. One is the traditional best practices route ? managing the system better, and trying to reduce complexity and hence cost ? while the more radical approach is to go down the path of centralisation. "Networks that have evolved are typically characterised by lots of different builds, with different operating systems, hardware options and the like," he explains. "That adds complexity and cost, as each build needs testing. The key is to implement desktop management policies that mean you won't find yourself facing the same problems being repeated in three years' time."

Bonny says that it's unrealistic for organisations running a complex IT infrastructure to try and impose a single, everything-stops-here, style of build. "You have to have a strategy: doing it piecemeal is a recipe for disaster," he says. "Technology is changing all the time, so you can't just say, 'We stop here,' but you must be able to say, 'This is our only build to encompass these technologies or this OS.'" HP itself uses a common operating environment called PCCOE that prescribes particular tools and only releases new technologies ? such as Windows XP Service Pack 2 ? once they have been fully tested with all the configurations supported by the COE. "We've operated this way for over ten years, starting with basic custom scripting," he says. "Custom scripting can be a huge cost for a large organisation, but there are now good tools to help you automate it, and the savings are worth it. HP has calculated we're saving US$200m (@150m) a year ? ten per cent of our IT budget ? as a result."

The alternative route to successful configuration management is to make use of the policy tools provided as an integral part of Microsoft Active Directory. Eric Voskuil, CTO of DesktopStandard, developer of the PolicyMaker suite of desktop management products, says that policy-based tools offer significant cost savings over scripting. "Scripting is custom development, and that costs money," he says. "I know of several large companies with hundreds of thousands of lines of script. You're back into programming as a network manager, and that's not sustainable in cost terms.

"You can't have an Active Directory-based network without using Group Policy, so companies already know how to use it," he says. "The challenge is to extend Group Policy to handle more aspects of configuration management." PolicyMaker can be used, for example, in application deployment scenarios to configure, secure and patch applications. The end-user environment may also be standardised to include tasks such as printer mapping, drive mapping and power options, and, says Voskuil, this gives big savings, both in terms of time and money.

Along with the growing complexity of enterprise IT infrastructures, the demand for automated solutions to manage all the infrastructure components increases. Automation of processes helps to reduce humdrum tasks but it is also useful to grant complete coverage and consistency of complex jobs. The installation of an infrastructure management system in a heterogeneous environment with hundreds or thousands of networked devices is such a challenging task. So why not automate the installation and configuration of distributed components of a management infrastructure?

That's one of the base ideas of Manage Now from Fujitsu Siemens Computers, a series of professional service solutions in the area of infrastructure management. The target of one of these solutions is to automate the software provisioning for a comprehensive client device management on an existing hardware infrastructure. The Manage Now Client Device Management (CDM) covers the areas of asset management, software delivery, remote control, and patch management or workplace delivery as an option. At the beginning of the process all configuration data is collected interactively. This helps to consider all required components at the very beginning of the process and avoids time consuming reconfigurations due to forgotten components. The individual configuration data is used to generate a bunch of scripts containing all the knowledge to install and configure all the necessary software components on all management nodes.

One of the results of this service is a ready-to-run solution based on long-term proven best practices within five days. Another feature is the project specific online documentation that is finally finished in the context of the process of generating the installation scripts. This helps customers and service staff to get a clear view about the current installed configuration at any time. Another advantage is the uniform Manage Now structure that allows easy handling of extensions or updates. Just enter the new information in another configuration dialogue and restart the installation. This grants a consistent configuration at any time.

The Manage Now Client Device Management solution supports Windows 2003 Server for the management nodes and all currently supported Windows operating systems on the client side. The available add-on for the Manage Now CDM patch management also supports the Microsoft patch management. For the basic management functionality Unicenter products are used from Computer Associates.

Security is the other key desktop management challenge. In theory, the increasing centralisation of networks should make security less of a problem, but the explosive growth in Internet traffic has meant that security threats have increased in proportion, making IT security costs a major headache for every organisation.

"Increased security does not mean increased spending," says Peter Stremus of security solutions specialist Internet Security Systems. "In the past, companies needed to invest in layered systems, with separate management and separate training, and this drove up the cost of security solutions."

The key, according to Stremus, is to move away from the traditional, reactive, view of security, and to take a more pre-emptive view. "A virus needs to be out there before someone can write a patch to protect against it," he explains. "Say it takes eight hours to get a patch out ? that's pretty quick work, but we know that a virus can travel around the world in 16 minutes."

Staying ahead of threats, thus, is vital. Stremus says the way to achieve this goal is to analyse network traffic for anomalies, prioritise risks and to use 'virtual patches' to protect servers where weaknesses have been identified. "When a vulnerability is identified, most organisations have a very rigorous policy about applying patches," he says. "Some companies would even prefer to risk infection than risk applying a patch that might have compatibility issues with the rest of their systems. We can block those holes without actual patching of the server. Although people still need to patch eventually ? because of the effect on their software ? we can put the decision on when to patch back into the hands of the IT manager."

Offshoring writ large Sporting environments represent a real challenge for IT providers. Characteristics of sporting organisations typically include tight budgets, high expectations and very short timetables. Nowhere is this more obvious than in the America's Cup, the highlight of the yachting calendar. America's Cup yachts are high-tech racing machines, designed, built, tweaked and raced using computers at every stage.

Parts of the next America's Cup will take place off Valencia in Spain in 2007, the previous Cup having been won by the Swiss-based Alinghi syndicate. French challenger Le D?fi will be making its third tilt at the Cup, and preparations are well underway, including a desktop IT infrastructure supplied by Citrix and its partner Neocles. "When the D?fi team came to us for their IT systems, we instantly thought of Citrix's Access infrastructure solution," says Herv? Leroux of Neocles. "This technology allows any type of application to be hosted centrally, and for Le D?fi, this included traditional Windows PC applications, but also specific AS/400 and Solaris applications that could not be changed. The team needed to be able to access all these applications regardless of geographic location, from any type of laptop and network. There is usually no wired Internet connection at training and regatta sites."

"Every day we have to be able to combine our resources to gain an edge over the other ten teams," says Xavier De Lesquen of Le D?fi. "We are highly mobile ? whether it be at design sessions or at sporting venues, or in various test laboratories. We also need to go to the different America's Cup sites in Spain, Italy and Germany. It is quite a burden bringing all the IT equipment with us. The Citrix solution means we don't have to bring it all; all we need is an Internet connection. This is why we like it so much ? it provides us with simple and easy access. I think that we were the first to run an entire IT system over 3G from the America's Cup site in Marseille.

"We are better able to judge expenditure than we were in the last America's Cup, and the new IT environment has enabled us to reduce our costs, as it is a cost per device for a group of applications. We have calculated that we are saving 35-40 per cent on our expenditure from last time.

"We are currently testing other applications in the Citrix environment to communicate the performance data recorded in real-time, and share this information not only between the racing boats we use for training, but also with the land-based team to provide them with up-to-the-minute information about what is happening on the water. Time is of the essence in the America's Cup, and so these precious time savings mean that we can adjust accordingly and might help us move up the leaderboard.

"The Citrix solution has given us endless possibilities. At the moment we are working with our partner Neocles and Citrix technology on systems that will allow all of the boats being tested in the water to access real-time information and data running on servers located in St Ouen, near Paris. Even though the boats are sailing in Valencia, performance testing can be done in St Ouen."

RDX speeds up desktop deployment Upgrading an operating system is seldom easy. While a new operating system can offer a host of benefits, from lower total cost of ownership to greater integration and collaboration, the transition all too often strains in-house resources, hinders employee productivity and is expensive.

Successful solutions ensure interoperability with legacy systems and existing business applications. But most importantly, a properly planned infrastructure transformation should lay foundations for future developments: moving the IT department's focus from maintaining the basic infrastructure to supporting the business with new capabilities.

RDX (Rapid Deployment eXperience) is a Getronics service for desktop client design and migration. The solution emerged from joint development efforts using Microsoft Zero Touch technology (based on the Microsoft Business Desktop Deployment Accelerator, or BDDA) in the area of desktop deployment. RDX largely automates the deployment of a desktop to the latest Microsoft Windows platform, while preserving the data and the personality of the machine. Getronics argues that RDX means fewer deployment technicians and expensive project managers are required and the overall cost is far lower than traditional deployment methods. This automated technology approach also enables multiple system deployments in parallel, greatly reducing the overall length of traditional deployments which are often vastly expensive or limited by the availability of personnel.

Getronics has developed a suite of services to enable the most effective and efficient deployment of new technologies to the desktop. This modular approach enables enterprises to tailor the deployment plan to suit their specific needs. Using a combination of remote and on-site services, Getronics can deploy and manage infrastructures of any complexity and scale.

Getronics also provides network and desktop outsourcing services. Helpdesk services can be provided to the client's workforce via telephone, the Internet or e-mail. Remote service delivery is used whenever feasible.

Desktop client design and migration includes: ? Automated desktop discovery ? Automated applications discovery ? Application testing ? Application packaging (near and offshore) ? RDX desktop migration and deployment ? Comprehensive desktop, systems and network management ? Asset management (including management of software licensing).

Getting data to the desktop A niche ? but important ? challenge for desktop management is the provision of data to mobile workers. Staff who are on the road visiting customers often need their itinerary to be generated and distributed according to a specific route plan.

The UK government's Sure Start initiative, which has regional programmes based at multiple locations around the country, is one example of such a challenge. Sure Start ? which brings together early education, childcare and family support finctions ? uses representatives to go out and speak to householders in a small localised area every day.

Sure Start wants representatives to be able to collect and complete address data in the field, while with householders. Software developers CPFR Solution, in partnership with addressing technology specialists Allies Computing, have helped more than 150 programmes nationally to achieve this using a bespoke address management solution.

By downloading only the relevant local address data into their handheld devices each morning, they are able to verify addresses quickly where the home owner expresses an interest in the programme. The small amount of postcode, address files held on the device at any one time leaves plenty of memory space for recording the other information they collect on the households they visit.

Add a comment

Related content:

Please login/register to add your comments


Review comments:

There are currently no comments on this article

 

Recently added to the Microsoft Directory:

Koper Automatisering

New Vision

MS POS

DDS Logistics

SALT Solutions

 

RSS Feed

RSS feedGet the latest news direct to your desktop with the OnWindows RSS feed.

Sign up now

Business and Industry

MICROSOFT BUSINESS INFORMATION

Microsoft's Business and Industry websiteMicrosoft's business and industry pages help its partners develop solutions based on Microsoft products and technologies.

Visit Microsoft's Business and Industry site

Rackspace Managed Hosting