Optimize your Endpoint Management: IBM Tivoli and the Accelerated Value Program

A double value proposition

Service Management in Action

One of the great strengths of IBM Tivoli solutions is the way they deliver not just exceptional value, but many different kinds of value.

Take, for instance, the case of IBM Endpoint Manager. This offering includes far more than simple remote configuration capabilities; it is nothing less than a reinvention of the whole concept of endpoint management. Once deployed, it can handle virtually all endpoint-related tasks, ranging from reconfiguration to patch management to security evaluation/enhancement to power management to orchestrated software rollouts—even huge rollouts, such as operating systems and new office productivity suites.

Then there's the fact that Endpoint Manager also supports a far greater range of endpoints than competing solutions. That means not just conventional desktops/laptops, but also production servers (whether physical or virtual), and even smart mobile devices like phones and tablets. As a result, it can unify management of what had been separate IT domains, deliver better insight into and control over all of them, and keep them all more secure, more current, more compliant, and more cost-effective.

But are most organizations really prepared to get the highest possible value from such a diverse range of capabilities as that?

In many cases, they will need a trusted partner that can help them optimize the way they use the solution at every stage—from initial deployment and integration through ongoing management, always with a view toward the unique needs and context of the organization. Just as a tailored suit will always be a better fit, so too a customized solution strategy will always deliver more business value.

That's a big part of what makes the IBM Software Accelerated Value Program so attractive. Because it's personalized for each client, this program can help organizations understand the full power of a sophisticated, multifaceted solution like IBM Endpoint Manager, then leverage that power for best effect in each case.

This extended, customized support ensures that questions will be answered, problems will be solved, and value will be realized much faster and more comprehensively than would have been possible if the organization had acted alone. Added up, it comes to an estimated 400% ROI for program participants—an incredible value by any metric.

A governed approach to endpoint management

"The Endpoint Manager agent is so intelligent it can carry out endpoint tasks using each endpoint's own resources (processing power, memory, etc.). So, instead of the server becoming overburdened, and multiple servers being required, endpoint work is simply distributed across the endpoints."

Few organizations these days are as value-conscious as government agencies. And for them, the combination of the Accelerated Value Program and Endpoint Manager is a particularly effective one.

To see why, consider what “endpoint management” really means in a government context. There are, of course, the normal endpoint challenges that stem from thousands or tens of thousands of endpoints to oversee, all of which involve their own software stacks and configuration profiles.

Because the endpoint infrastructure is so diverse and distributed, it's very difficult for administrators even to know which software is deployed on which endpoints and how those endpoints are configured—let alone change that situation for the better. And as the total number of endpoints escalates, things just get harder and harder.

Beyond that, there are a number of government-specific concerns that apply as well. For instance, many agencies are chartered with meeting the terms of government benchmarks such as the Federal Desktop Core Configuration (FDCC) and United States Government Configuration Baseline (USGCB), which specify how endpoints should be secured against the possibility of a breach.

Given an infrastructure of tens of thousands of endpoints, how does the IT manager even establish which endpoints comply with these benchmarks, and which don't? And given that knowledge, what's the fastest and most cost-effective way to bring all endpoints into a state of compliance—and keep them there over time? Questions like these are not easily answered.

Imagine that a laptop's user makes configuration changes to the local firewall installed on that device, perhaps for something as simple as viewing a sports Website during the day. If so, that laptop's security could easily be compromised by sophisticated malware—and subsequently, the malware could spread to other endpoints and entire IT services, eventually accessing sensitive data repositories.

It follows that the faster such a configuration change is discovered and remediated, the lower the odds any such breach will occur, and the more benchmark-compliant the endpoint infrastructure will remain.

And security is only one of the hot-button issues for government agencies worried about endpoint management. Others include patch management across heterogeneous operating systems and applications, scalability and management complexity (the more servers needed, the more administrative work is demanded), and efficient policy execution.

A single solution delivers many powerful capabilities

Given this assortment of challenges, you can see why Endpoint Manager is such an attractive offering to government organizations. Its elegant design—one intelligent agent, one console, and one highly automated server—translates not just into a solution, but a particularly optimized one.

Once deployed on each endpoint, the agent continually assesses that endpoint looking for changes to it—for instance, the installation of new software, or (to use our earlier example) the modification of key system functions like a firewall. When it finds those changes, it reports them to the Endpoint Manager server. Additionally, if a policy exists to maintain compliance for a particular check (ie firewall profile), the Tivoli Endpoint Manager Agent automatically executes a policy to bring the machine back into compliance. Additionally, this remediation activity also can occur completely disconnected from the network and without user interaction or awareness if desired. The end state is continuous compliance and reporting without the typical prerequisites.

Because the reporting and remediation are both automated, the result is a self-healing intelligent endpoint management infrastructure—one that senses how it's changing over time, and takes action as needed to yield a target outcome. Instead of endpoints spending a certain amount of time out of compliance, they remain in a state of nearly continuous compliance.

Furthermore, the Endpoint Manager agent is so intelligent it can carry out endpoint tasks using each endpoint's own resources (processing power, memory, etc). So, instead of the server becoming overburdened and multiple servers being required, endpoint work is simply distributed across the endpoints. This smart architecture is the reason a single Endpoint Manager server can support up to a quarter-million endpoints—and why no competing alternative is as scalable.

You might wonder what the impact is on worker productivity, if each endpoint is carrying out such tasks. The answer: little to none. Despite everything it does, the Endpoint Manager agent typically only consumes some 2% of each machine's processing power, which is so small an amount as to be transparent to the user.

Finally, Endpoint Manager administrators can use the intuitive console to assess the complete infrastructure in as much or as little detail as they need. So if, for instance, they need to determine very accurately the current percentage of USGCB-compliant endpoints, such a report can be generated with almost no effort.

Ensure the highest value from Endpoint Manager by participating in the Accelerated Value Program

Of course, moving from that suite of technical capabilities to an up-and-running implementation is no simple trick. And that's exactly where the Accelerated Value Program comes into the story.

Accelerated Value Program participants receive the services of an Accelerated Value Leader—an IBMer who serves as a single point of contact between the client and IBM. This individual is empowered to draw on all of IBM's resources in assessing the client's needs, creating strategies, getting answers, and solving problems—anything, in short, that will help guarantee the best possible business outcome for the client, now and going forward.

For even more support, clients can request one or more Accelerated Value Specialists—experts with particularly deep knowledge in the IBM solutions involved—as additional resources. The Accelerated Value Specialist is chartered with addressing (proactively when possible) any of the technical obstacles that might come up before, during, or after IBM solution deployment.

Accelerated Value Program participation is thus a perfect fit for government agencies interested in getting the highest value from Endpoint Manager. They’ll find they can more easily:

Compelling real-world results

That's a set of benefits practically every government agency would like to achieve. And many agencies do, in fact, achieve those benefits every single day.

Ponder the case of the large government customer that was interested in improving the uptime of a particularly mission-critical application. With the help of Endpoint Manager and IBM's Accelerated Value Program experts, this organization managed to drive uptime all the way to 99.9%—a stunning outcome.

Another customer has already used Endpoint Manager to orchestrate more than 20 million different endpoint tasks, including patch/update distribution and software upgrades, inside the first year and a half of operation. Given the frequency with which new updates are released for major operating systems (like Windows), middleware (like Java), and applications (like Office, Firefox, and many others), this capability alone creates tremendous value.

Then there's the customer that wanted initial deployment to be as fast and painless as possible (a very common concern). The result? The Accelerated Value Program team members helped them roll out the Endpoint Manager agent to more than 17,000 endpoints in under four hours—not even half a normal business day.

Finally, if you're curious just how much infrastructure a single Endpoint Manager server can handle, ponder the case of the customer with an infrastructure of over 100,000 different endpoints. This customer has found that it needs only a single Endpoint Manager server to execute the total workload—a far cry from competing solutions that would demand multiple servers, and multiple team IT members to manage and coordinate them all.

Additional information

Recent Articles

Contact IBM

Considering a purchase?

Business Without Limits Days

Pulse2012

Deepen your understanding or pursue your interest in Cloud, Smarter Physical Infrastructure, Managing Security and Compliance, or Leveraging Mobility. Engage with IBM executives and industry leaders in half- and full-day conferences designed to provide additional details and insight with enhanced technical sessions.


Find dates and cities


Help with subscribing