Expanding Endpoint Management: New Infrastructure?
No Problem!

IBM can help you solve endpoint conundrums—no matter how advanced or complex the endpoint infrastructure

Tivoli Beat. A weekly IBM service management perspective.

It's a commonplace observation that IT infrastructures are getting more difficult to manage... and that's particularly true of endpoints.

Consider how rapidly things have changed in just the last five years at many organizations. The relatively simple paradigm of desktops/notebooks accessing single-application servers has given way to a far more diverse arrangement, in which the desktops/notebooks mix with smart mobile devices (like phones and tablets), and the servers are now virtualized (and increasingly deployed in private clouds).

Attending to the necessary range of endpoint management functions has become more complex in parallel. Yesterday's endpoint solutions and processes, never designed for such a sea change, typically can't begin to cope with endpoint tasks as complex as patch management, lifecycle management, and security.

As just a single example of the kinds of problems that come up, imagine the sequence involved in patching a virtual server in a cluster; first it must be removed from the cluster, then patched, then rebooted, then added to the cluster again. Such a sequence is simply outside the scope of traditional endpoint management tools.

For those interested in cloud computing, in particular, this can pose a serious obstacle. Clouds can certainly be deployed without similarly smart endpoint management capabilities, but if so, they'll never deliver on their full business potential. The labor costs alone will be considerable, due to the fact that its virtual servers will need frequent manual attention across their lifecycles.

Essentially the same argument applies to other emerging IT domains, such as mobile computing and virtual desktops; each can create considerable new value, but also comes with its own suite of endpoint complexities. So going forward, organizations will need to find a way to pull the entire IT infrastructure—rapidly expanding though it may be—together, attending to it via a single, comprehensive endpoint management strategy.

No IT solution provider today is better positioned than IBM to help you make that happen. IBM's portfolio of endpoint management solutions is not just up-to-the-minute and comprehensive, but integrated. So over time, you can add solutions to match your growing infrastructure, and be sure they'll combine to achieve the functionality you need.

Get the business value you need from a private cloud

Want an example? Private clouds come to mind; the full promise of cloud computing simply cannot be achieved until the endpoint complexities associated with cloud are addressed.

Automate server setup

"Yesterday's endpoint solutions and processes, never designed for such a sea change, typically can't begin to cope with endpoint tasks as complex as patch management, lifecycle management, and security."

Server setup which involves, for example, defining DNS settings, host name, and disk partitions, are ideally handled automatically in a cloud—not manually by an IT team. Here, too, IBM solutions can play a key role in making that happen.

IBM Endpoint Manager for Server Automation, part of the larger Endpoint Manager family, is capable of fielding a theoretically endless range of processes, thanks to its out-of-the-box intuitive wizards and thousands of reusable scripts. It can rapidly and consistently sequence operations across multiple physical and virtual servers as needed, even handling situations in which servers need to be stopped and restarted.

Standardize images

Image standardization, for instance, is a tricky matter. Typically, organizations moving to a private cloud will need to consolidate multiple image libraries, identifying duplicate images, determining their logical contents, and ensuring that images are up-to-spec.

Fortunately, IBM SmartCloud Provisioning, which is part of the IBM SmartCloud Patch Management offering, contains smart analytics that can achieve just this task. It allows administrators to identify the images they need, eliminate the rest, and determine just which updates are needed. This has the effect of reducing the storage requirements of the cloud while also improving server consistency—all without interrupting services that currently depend on existing images. It can then quickly provision these images to hundreds or even thousands of virtual machines quickly and easily.

Provision patches

Keeping virtual servers security-current is no easy feat—especially given the incredible speed with which new vulnerabilities are discovered, and new patches are released.

IBM SmartCloud Patch Management can help. This offering takes advantage of a smart agent deployed in all virtual servers; the agent continually tracks the update status of the OS of each server, so it always knows which servers have been patched and which haven't, for any given patch.

Should OS vendors such as Red Hat and Microsoft release a new patch, the IBM solution can be used to determine exactly which virtual servers in the cloud need it. Subsequent provisioning of the patch throughout the cloud eliminates the potential vulnerability.

Secure mobile devices—and protect employees as well as the organization

Smart mobile devices represent both a whole new range of convenient access for company team members... and a whole new set of administrative headaches for IT.

In large part, this is due to the fact that such devices were typically not bought by the organization, not configured or managed by IT, and in general not designed for the challenges of corporate use. Security guidelines and protocols can be difficult to implement given the diversity of operating systems and management capabilities associated with these types of endpoints. And since business data and applications are nevertheless routinely accessed using them—a problem that's already big and getting rapidly bigger—a new strategy in device management is clearly called for.

Such a strategy can easily be implemented using IBM Endpoint Manager for Mobile Devices. This solution allows for device-level management to the extent permitted by the underlying OS, on both an agented basis (example: Google Android) or via an unagented management layer (example: Apple iOS).

Using it, as approved by employees on a device-by-device basis, IT can take various steps to improve security. If a device is lost, for instance, IT can respond by selectively wiping data—both business data and personal data (if requested). The result: a more secure endpoint, benefiting both the organization and the employee who owns it.

Additionally helpful: Endpoint Manager for Mobile Devices allows organizations to create a local enterprise app store. This serves as an efficient platform of app distribution, pushing out new app versions to appropriate endpoints, while also giving employees a choice of safe apps already careful vetted by IT—which, in turn, enhances overall security.

Virtual desktop management made easy

Finally, virtual desktops represent a powerful new opportunity for organizations to simplify, centralize, and accelerate endpoint management while also reducing costs.

Instead of conventional "fat" desktops, with a complete software stack and all user data, the idea is to move user environments to secure, high-performance hosts managed by IT. Then, users access those environments using the devices of their choice (including smart mobile devices)—any time, and anywhere they need to be.

IBM Virtual Desktop supports best-in-class virtualized desktops running both Windows and Linux operating systems. And because it integrates with IBM Endpoint Manager, IT can easily attend to any necessary endpoint management tasks. The fact that the desktops are now virtualized and running on centralized hosts instead of on user-owned hardware, is abstracted out by the IBM solution, which continues to work in exactly the same way.

Additional information

Recent Articles

Contact IBM

Considering a purchase?

Save $500 when you register early for Pulse 2013, March 3-6 in Las Vegas

Pulse 2013. March 3-6. Las Vegas, Nevada.

Join 8000 business and IT professionals for top-notch keynotes, in-depth breakout sessions, hands-on labs, certification testing and more – all focused on optimizing your infrastructure. Plus save US$500 off the standard conference fee when you register by December 31, 2012.
Learn more, register now and save

Featured community


Leverage and contribute to the collective wisdom around Tivoli

Engage the community