Software Distribution: The Next Generation
For enterprise IT, one of the major challenges associated with endpoint management is software currency.
Given an infrastructure of tens or hundreds of thousands of endpoints, how can the software on all of them best be kept up to date? Such a task resembles maintenance of the Golden Gate Bridge—a never-ending process, in which problematic areas are constantly discovered and have to be addressed as efficiently and resourcefully as possible.
Also relevant is the distributed nature of many enterprises and enterprise networks today. Instead of a simple LAN at one site, a headquarters might be linked to hundreds or even thousands of geographically dispersed offices, branch locations, and several datacenters, via WAN connections. This variegated network architecture implies many challenges in latency and bandwidth utilization for traditional, LAN-based software distribution tools. Typically, they lack the highly scalable, fine-grained distribution capabilities needed to automatically and efficiently provision software to endpoints, so as not to choke the network and negatively impact the business.
Fortunately, the Tivoli Endpoint Manager suite is exceptionally well designed to address just these issues. The Tivoli Endpoint Manager architecture, based on a single intelligent management agent, delivers accelerated performance and extraordinary scalability suited to even the largest software distribution projects. Most of the actual work is handled not by the Tivoli Endpoint Manager server, but offloaded to the endpoints themselves. And because 2% or less of the endpoint's CPU power is needed on average, users won't even notice an upgrade is taking place. Distribution tasks can thus execute more quickly, more efficiently, and more transparently—just what the enterprise IT doctor ordered. Tivoli Endpoint Manager also supports “offers,” which allow users to elect if they want to install the software right away, or if they prefer, they can defer the installation until a more convenient time.
Similar benefits emerge from the fact that Tivoli Endpoint Manager includes bandwidth-throttling capabilities. In cases where network links have limited bandwidth, and are thus more susceptible to distribution workloads creating a major business impact, managers can specify bandwidth utilization policies, tuning Tivoli Endpoint Manager data transfers in order to diminish that impact. This functionality also applies well in the case of roaming endpoints, which leave the company network altogether and use alternate networks such as Internet or mobile carriers instead.
Add to that the fact that Tivoli Endpoint Manager also supports using existing servers or even workstations as “relays,” which allow large software packages to be staged closer to the endpoints, and you can see that network issues as a whole become far more manageable. A single Tivoli Endpoint Manager server, in fact, can typically support as many as 250,000 endpoints, distributed in any number of ways over any number of network types—and additional Tivoli Endpoint Manager servers can be added to support even the world’s largest organizations. IBM, for example, supports more than 500,000 endpoints with just three Tivoli Endpoint Manager servers.
A fast, straightforward update process for all endpoints, everywhere
"The complete closed loop software distribution process is so much faster than previously that vast software rollouts become far more manageable while requiring substantially less manual labor. Instead of demanding weeks or months, they might only require hours or days to completely finish deployment. This makes it easier to keep the endpoint infrastructure continually current."
If the architecture of Tivoli Endpoint Manager strikes you as an elegant one—one server and a single management agent on all endpoints—you'll be glad to hear that its elegance is matched by the simplicity of Tivoli Endpoint Manager administration.
Managers begin by starting a software distribution wizard that allows them to specify a software package location, such as network storage, and then create custom distribution policies, or Fixlets, as well as groups and baselines that determine which endpoints will receive the packages. These policies, though easy to generate, can be detailed if required, allowing managers to choose targets by business role, computer type, security groups, and many other criteria. Managers can either leverage existing directory information about users (drawn from standard sources like Active Directory) or ignore it and pursue a more customized approach.
Once Fixlet policies, groups, and baselines are defined, Tivoli Endpoint Manager agents automatically receive the policies and determine their relevance to the endpoint. If an installation is required, the Tivoli Endpoint Manager agents execute the Fixlet policy specifications, offering new installations to users, and then (given an affirmative response) pulling the new software packages to the endpoint either from a Tivoli Endpoint Manager relay or a network storage source and deploying them.
Finally, on completion, the successful execution of the task is reported to the Tivoli Endpoint Manager server. In aggregate, this information keeps managers of Tivoli Endpoint Manager constantly apprised of the status of distribution jobs across the organization while also providing high levels of granularity—down to an individual endpoint, if necessary.
An impressive array of benefits follows. Thanks to the high degrees of control, accuracy, and automation provided by Tivoli Endpoint Manager, the complete closed loop software distribution process is so much faster than previously that vast software rollouts become far more manageable while requiring substantially less manual labor. Instead of demanding weeks or months, they might only require hours or days to completely finish deployment. This makes it easier to keep the endpoint infrastructure continually current.
Managers also have much more accurate, up-to-the-minute information about which endpoints have which software, instead of hoping that software inventory information is current and accurate and that users have received the software that they require in order to do their jobs.
Scalability, too, is essentially unlimited. As the organization grows, Tivoli Endpoint Manager will continue to grow along with it; and in the rare case where more than 250,000 endpoints are managed, it is easy to add Tivoli Endpoint Manager servers. And beyond headcount and endpoint growth, growth in network complexity is similarly a non-issue, thanks to Tivoli Endpoint Manager's fine-grained bandwidth management processes and support for roaming, Internet-connected endpoints.
Migrating to Tivoli Endpoint Manager is easier than you'd think
Of course, another factor for potential Tivoli Endpoint Manager customers to consider is the fact that they likely already have existing software distribution tools and processes. As is the case with any other software, they will need a clean way to migrate from the past to the future—one that takes best advantage of existing resources, and minimizes the "rip-and-replace" scenario that makes virtually all IT managers wince.
Fortunately, Tivoli Endpoint Manager's architects considered this dimension as well. Windows-driven organizations that are currently using IBM Tivoli Configuration Manager but are also considering a migration to Tivoli Endpoint Manager will find the process relatively painless. That's because Tivoli Endpoint Manager supports Tivoli Configuration Manager Software Package Blocks on Windows endpoints using the Software Install Engine installer runtime. Specifically, Tivoli Endpoint Manager can be configured to discover such endpoints, as well as the Software Package Blocks they have, and then use that information in its distribution processes. Software Package Block packages can also be imported into the Tivoli Endpoint Manager software distribution dashboard as normal packages. Tivoli Endpoint Manager can even remove Tivoli Configuration Manager components following the migration process—essentially, not just handling the migration, but also cleaning up after itself.
Virtualized applications? Not a problem.
One final aspect of Tivoli Endpoint Manager that IT managers will find attractive is that, in addition to distributing traditional application packages, it also supports Microsoft's App-V packages.
Virtualized packages involve a fundamentally different approach to software distribution, because the actual application data remains on a server instead of being installed on the local client. Yet the Tivoli Endpoint Manager value proposition applies in much the same way.
Managers of Tivoli Endpoint Manager can still draw upon the solution's remarkably accurate information about endpoint conditions to determine which endpoints need which App-V packages and then distribute the virtual packages using the same Tivoli Endpoint Manager architecture used for traditional software packages. The fact that in this case the package is a virtualized one is all but irrelevant; a detail that managers can rely on Tivoli Endpoint Manager to handle instead of worrying about it themselves.
And despite this comprehensive support for App-V packages, no new App-V server is needed. The existing Tivoli Endpoint Manager server will simply assume that new responsibility, reducing costs and simplifying management complexity in yet another way.