Scenario

In this scenario, we were testing Nomad’s FanOut functionality in a ConfigMgr 2012 R2 production environment where a new remote branch office was opening, which has slow WAN links to the central data centre. The customer’s objective was to completely build a large volume of devices within a limited time frame using standard ConfigMgr OSD tools integrated with Nomad.

The method used to achieve the objective outlining leveraging Nomad FanOut can be equally applied to an existing remote branch office or dedicated build centre where the requirement is to perform OS migrations out of hours (e.g. over an evening), on a large volume of devices.

What is the purpose of FanOut?

FanOut significantly accelerates the distribution of SCCM content between Nomad peers. From rapidly deploying software updates to delivering enterprise wide OS migrations in record time. This blog explains how the Nomad FanOut feature can help supercharge your OS migrations.

Native Nomad distribution model

By default, Nomad cache share (NomadSHR) is limited to six concurrent connections on an elected Nomad Master. If a seventh device requires content and attempts to connect to the Nomad Master it will receive a “maximum connections limit” response message which can be seen in the NomadBranch.log. The device will then back off and will wait a short period before attempting to connect to the Nomad master again. When a free connection becomes available, it will establish the connection and start downloading content.

NB: The six concurrent connection restriction only occurs when a Nomad Master already has all or majority of content. If a Nomad Master is pulling content from a DP, it can serve more than six Nomad peers by using a round robin approach whereby Nomad peers connect, catch up to as much content as the Nomad Master currently has downloaded, and then disconnects allowing other Nomad peers to connect. This process is repeated until Nomad peers have downloaded all the content. The reason for this behaviour is due to the fact that typically the LAN is much faster than the WAN.

In the event that the Nomad Master already has all or a majority of the content, this is where FanOut becomes beneficial as demonstrated below.

Nomad with FanOut enabled

When the Nomad Peer receives the “maximum connections limit” response message from the Nomad Master, rather than waiting for an available connection to the Nomad Master, the Nomad Peer requests connection to a FanOut peer within the local subnet. This is known as a FanOut Request.

Devices will respond to the FanOut Requests if they meet certain criteria. Further information can be found at http://help.1e.com/display/NMD55/Nomad+FanOut

The Nomad Peer will attempt to connect to the first FanOut Peer that responds to its FanOut Request.

FanOut can scale out up to six FanOut peers at any one time if they are concurrently active and downloading content from the Nomad Master (due to the 6 connection limit to the Nomad share). In this way, rather than limiting the distribution to six Nomad peers concurrently, 43 devices (1 Nomad Master, 6 FanOut peers and 6 Nomad Peers connected to each FanOut Peer) can simultaneously be downloading the content from the Nomad Master and FanOut peers, speeding up the content deployment exponentially on large subnets.

However, if there are other devices within the local subnet that are idle and have already downloaded all of the package, then FanOut can scale out to greater than six FanOut peers at any one time. In such a scenario, FanOut can scale out to potentially more than 43 devices downloading content concurrently, supercharging the content deployment even further on larger subnets.

Nomad in WinPE

By default, Nomad installed in WinPE is not capable of becoming a FanOut peer (i.e. a provider of package content) because file sharing is not supported under WinPE (WinPE cannot act as a SMB share server, only as a client). However, Nomad installed in WinPE with FanOut enabled is capable of requesting content by broadcasting a FanOut request (if there are no available connections to the Nomad Master) and connecting to FanOut Peers that respond on the local subnet.

Therefore, Nomad can share content when it is in the full Windows OS to a computer running in WinPE, but a computer in WinPE can only share content using ConnectionLess mode. Further information on ConnectionLess mode can be found at http://help.1e.com/display/NMD55/Peer-to-peer+enhancements

Enabling FanOut

FanOut is disabled by default. To enable Nomad FanOut functionality, it must be configured via registry settings on all full Windows OS platforms hosting Nomad and in the “Install Nomad and configure Nomad in WinPE” custom task sequence action.

To enable Nomad FanOut you must add/modify the SpecialNetShare Nomad Registry value on devices hosting Nomad, and in the ““Install and configure Nomad in WinPE” OSD task sequence action properties, to include bit 6 (0x40). E.g. SpecialNetShare=0x40

Further information on configuring SpecialNetShare can be found at http://help.1e.com/display/NMD55/SpecialNetShare

Testing FanOut Enabled OS Deployments

As this is a bare metal scenario, when using Nomad the best practice and pre-requisite prior to the start of the deployment is to “pre-cache” the OS deployment content to designated peer devices on the local subnet to ensure devices being built will obtain the content from the local peer when executing the OS deployment task sequence. A pre-caching task sequence will achieve this goal.

NB: Ideally in a refresh scenario OS deployment content would be pre-cached to the local hard drives of the devices being deployed. Therefore at the start of the deployment there is no need to pull content from a local peer as local content has been pre-cached locally. A dynamic pre-caching task sequence can be used to achieve this goal.

In the following scenario, Nomad FanOut enabled OS deployments were performed in a remote site with slow WAN links to the central data centre. OSD content had already been “Pre-Cached” to eight devices. Nomad FanOut is enabled and 50 computers needed to be fully built simultaneously over the course of an evening. The build process was automated further by using 1E PXE Everywhere which was installed on all the “Precached” devices to deliver the boot image.

The first six devices that were being built connected to the elected Nomad Master when they executed the “Prestage content using Nomad” custom step in the OS deployment task sequence. Any subsequent devices that were being built and requested the same content from the Nomad Master received a maximum connection limit message from the Nomad Master, at which point the Nomad peer broadcasted a FanOut Request.

The first of the remaining seven Pre-Cached devices which responded to the FanOut Request became a FanOut peer as it had a free connection to its Nomad cache, and was able to serve content to up to six Nomad peers. In this way, the other Pre-Cached devices responded to FanOut Requests as they were triggered. As a result there was zero waiting time for free connections, and all devices were able to concurrently download content when needed from a peer without interruption. Therefore, there was no added time to the overall build time due to delays downloading content. Using Nomad FanOut in this deployment allowed scheduled completion to deliver 50 fully built computers well within the deployment plan timescales.

NB: As usually is the case when attempting to build a large number of devices; they are started consecutively in a phased approach rather than simultaneously. Therefore it is a possible that by the time the latest device is started, previous devices have entered the full Windows OS stage of the build. At this stage, the Nomad cache has been restored and content activated making it available to share and respond to FanOut requests if the Nomad Master has all its connections used up.

NB: The “Prestage content using Nomad” task sequence step usually contains a number of package content required to build the device. After the Nomad peer has completed downloading a particular package it will take some time to hash the content for validation. At this point it has disconnected from the Nomad Master or FanOut Peer, freeing up a connection and allowing another Nomad peer to connect.

Conclusion

Assuming that eight devices are running in the full OS with all the content Pre-Cached. Nomad FanOut enabled OS deployments can scale out up to 54 devices (1 Nomad Master, 8 FanOut peers and 6 Nomad Peers connected to each FanOut Peer) concurrently building and accessing OS deployment content at the same time without any wait time. With more Pre-Cached devices, Nomad FanOut can potentially scale out even further, supercharging OS deployments exponentially in mass build scenarios to meet your deployment plan timescales and quotas.

Terminology

Nomad Master – The device that wins the Nomad election on the subnet and is the central resource for the download

FanOut Peer – A device connected to the Nomad Master share that responds to FanOut requests and allows other machines to connect to it

Nomad Peer – A device that requires the download

Vishal Ladwa | Senior Consultant

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you enjoyed this article, please take a moment to share it with your contacts using the social media buttons to the left or below.

The NightWatchman console is great for waking up machines, but how can you use it to shut-down machines on demand? With NightWatchman 7 we have made the console extendable. What better extension than to make NightWatchman more responsive via on-demand commands?

NightWatchmanAsyncReport is an asynchronous command provider that runs NightWatchman.exe against selected machines. This can be run against either a tier or a single machine.

It requires .Net 4.5 on the machine that runs this utility.
Why is this useful? This allows you to rapidly exclude a set of machines from power management within SLA. In addition this will allow you to rapidly re-enable the power policies once this is possible again.

The command lines that are supported are below:

OnceOff
Setting this to YES will enable OnceOff functionality, meaning the other parameters specified will actually be considered valid only for this current operation. Setting OnceOff=YES means the machine will do the configured action within 1-2minutes.

ShutdownAction
Define what shutdown action the client should take. If you do not define “OnceOff” as well you would actually reconfigure the machines permanently or until a new policy arrives.

LogOffAction
Define what logoff action the client should take. If you do not define “OnceOff” as well you would actually reconfigure the machines permanently or until a new policy arrives.

CountdownSecs
Define the countdownseconds the client should give. If you do not define “OnceOff” as well you would actually reconfigure the machines permanently or until a new policy arrives.
powerpolicyrefreshnow
After updating a policy on the Console it may sometimes take days until a client pulled his policy. Setting this to YES will enable powerpolicyrefreshnow push functionality. Setting powerpolicyrefreshnow=YES will make the affected machines contact the 1E server to get their latest power policy. The clients themselves will still apply a random 1-5m offset however.

PromptAreYouSure
YES will make the tool prompt the user to confirm executing the command against x machines. PromptAreYouSure=YES is highly recommended for actions such as OnceOff=YES ShutdownAction=Shutdown LogOffAction=Force.

The included extension file predefines PromptAreYouSure to YES for all dangerous operations.

To install:
Extract the NightWatchmanAsyncReport.zip to ..1E\NightWatchman Management Center\Console
Rename the Console.Extensions.xml.async to just xml whilst backing up your existing file first. However if you already have other custom action you may want our new actions to your existing ones instead.

Now edit NightWatchmanAsyncReport.exe.config
Update the SQL connectionstring to your AFR server.

<add name=”AgilityFrameworkReporting” connectionString=”Data Source=SERVERNAME\MSSQLSERVER,1433;Initial Catalog=AgilityFrameworkReporting; Trusted_Connection=True;” providerName=”System.Data.SqlClient”/>

Rights requirements:
Your user needs read rights to the AgilityFrameworkReporting DB.
Your user needs admin rights to machines you want to affect. (It will do a remote WMI connection)

Both of these rights requirements are best done via creating/reusing a domain group and using this instead of giving individual user rights.

Reto Egeter | Senior Consultant

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

In part 1 of this blog series I discussed the options available when using Nomad in a Build Depot. Option 1 would be to use Nomad and have a local Distribution Point (DP) or use Nomad without a local DP.

If the Build Depot doesn’t have a DP then you will need to change the SpecialNetShare value of the ‘Install and Configure Nomad in Windows PE’ step to include Fanout. A colleague has written a great blog on this process – Leveraging Nomad FanOut to accelerate Windows OSD.

In the remainder of this blog I will describe the tasks required for OSD builds to get content from the Build Depot DP. The key here is as machines are built in the Depot they will have the OSD content in the Nomad cache but will be rebooted, powered off and box to be shipped thus making them bad Nomad peers.

Prerequisites

The process use PowerShell commands in WinPE, PowerShell is not a component of WinPE by default and will need to be added to the boot image.

Configuration Steps

The following changes need to be made to the OSD task sequence. I would recommend taking a copy of your task sequence before making changes.

1. Identify if the task sequence is running in a Build Depot.
   We can use the Build Depot’s IP subnet to ensure that Nomad only gets content from a DP when the task sequence runs in the Build Depot.

2. Create a task sequence variable of the default gateway.
   This is done by the MDT Gather step but we don’t want to run the Use Toolkit package step before installing Nomad in WinPE.
   The following PowerShell will set the default gateway as a task sequence variable DefaultGateway

powershell (New-Object -COMObject Microsoft.SMS.TSEnvironment).Value(‘DefaultGateway’) = (“Get-wmiObject Win32_networkAdapterConfiguration | ?{$_.IPEnabled}”).DefaultIPGateway

3. Add a second ‘Install and Configure Nomad in Windows PE’ step.
   Change the P2PEnabled setting to 0 (this will force Nomad to get the content from the DP)Add a condition on the options tab to run this step if the task sequence variable DefaultGateway equals that of the build depot

4. Locate the original ‘Install and Configure Nomad in Windows PE’ step.Add a condition to run the step if the task sequence variable DefaultGateway not equals that of the Build Depot

5. In the Full operating system we need force Nomad not to download content from a Nomad peer.
   This is best achieved by setting the NomadInhibitedSubnets registry value to the Default Gateway of the Build Depot. The NomadInhibitedSubnets settings lets you define subnets where machines will download from the DP and not participate in Nomad elections for content.

powershell “Set-ItemProperty -Path HKLM:\Software\1E\NomadBranch -Name NomadInhibitedSubnets -Value 193.169.8.0/24″

Nomad will now use the local Build Depot DP for content and not a Nomad peer. When OSD is performed in outside of the Build Depot Nomad will get content from a Nomad peer where possible.

Read more about Nomad at http://www.1e.com/nomad/, or follow our LinkedIn Showcase page.

Peter Clark | Senior Consultant

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you enjoyed this article, please take a moment to share it with your contacts using the social media buttons to the left or below.

Executive Overview

The ISO/IEC 19770-2 revision has passed all country votes and has moved into the publication phase. ISO editors will work through the document and set it up for publication in sometime over the summer of 2015.

With the SWID Tag Standard (ISO/IEC 19770-2) revision reaching this pivotal moment, the standard is enjoying tremendous commercial and standards body support. Notably, numerous other standards organizations have created and are creating standards that use the SWID tag standard as a foundation including:

• The Trusted Computing Group (TCG) has is going through the final review and approval process for SWID Message and Attributes for IF-M standard that supports the Trusted Network Connect Processes
• The Distributed Management Task Force (DMTF) Software Entitlement Working Group has updated the Common Information Model (CIM) to support the transfer of SWID tag data
• The National Institute for Standards and Technology (NIST) has released a draft of Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags

IBM is a perfect example of how commercial vendors are embracing SWID tags. Previously, IBM has created its own internal library of identification information for their products. This worked for their IEM solution, but wasn’t particularly useful to 3rd party organizations. Additionally, the internal catalog was good to identify IBM software, but has numerous issues identifying non-IBM software.

IBM now includes SWID tags based on the 2015 standard for all of their software releases (approximately 300 per month) and this data can be used for both internal purposes by IBM tools, as well as by 3rd party organizations that may be supporting processes such as compliance related activities.
Other large software vendors who are Tagvault.org members such as Hewlett Packard, Microsoft, and Symantec are also moving to provide SWID tags in software they create and distribute to make the IT management of those titles easier, faster and more automated.

1E is also embracing this standard – the 1E identification catalog will continue to support the ability to identify software based on file discovery data, but if a software product includes a SWID tag, that will be used as the primary identification approach. The 1E products also use the world’s first entitlement system that’s based on the upcoming ISO/IEC 19770-3 standard that defines entitlement schemas.

This unique combination of support for ISO/IEC 19770-2, 19770-3 and traditional discovery approaches for legacy applications is a game changer for the industry when it comes to compliance and entitlement management.
To see more about what tags are, how they are being leveraged and specifically, what the various standards are for, read on.

SWID Tags – The Overview

SWID tags are like a barcode on the packages you buy at a store. Every can of soup of the same brand and type will have the same barcode a different can that is a different flavor, or created by a different company or brand will have a different barcode. This allows the cash register to uniquely identify every product in the store so each item can be managed and sold independently. To support various IT security, compliance and logistics processes, software needs to move from a best guess effort that’s currently the state of the art and is applied by software recognition libraries to an authoritative SWID tag that is applied directly to the software.

With SWID tags, every software component has a unique ID associated with it and that unique ID can be used by any IT system to reference a particular software product. SWID tags can be applied to software products, patches, bundles suites, drivers, etc. Additionally, the SWID tags can be used for software installed directly on a device, or allow for more efficient and effective management of software installed in cloud and virtual environments. SWID tags will be increasingly important in the Internet of Things as more and more products include software that needs to be kept up-to-date for security reasons.

There is a lot more to SWID tags the just having a unique ID. SWID tags provide explicit identifying information about the software as well – who created the software, who licenses the software, what the product name is as well as the edition and version. All this information is needed though out a software products lifecycle from RFQ’s that aim to compare pricing for exactly the same product from different resellers to the eventual end-of-life for a software products use within an organization.

Market Reactions to SWID Tags

Market adoption of SWID tags has been taken up by some of the biggest names in software development, companies like Hewlett Packard, IBM, Microsoft and Symantec all release software that includes SWID tags and many of these companies have products that read and use the SWID tags for IT management purposes. In fact, IBM is currently seeing around 300 software releases a month – and every one of these includes a SWID tag.

These companies are tagging their software because it is becoming much more difficult for their customers to manage their IT software portfolio without the tagged information. As environments become more complex with cloud and virtual systems, mobile devices and the impending Internet of Things where everything may need to be managed and updated, knowing exactly what’s installed where is becoming critical.

The Latest News about SWID Tags

There has been a tremendous amount of energy put into the use and support of SWID tags recently. The following provides a quick summary with later blog posts going into more detail.

The US Federal Government has been actively working on improving their management of software, patches and upgrades across numerous agencies. These changes are intended to improve security, compliance and logistics activities. One project called the Continuous Diagnostics Mitigation (CDM) is being developed by the Department of Homeland Security and is intended to provide a dashboard that provides a real-time dashboard of security positions for the various government agencies.

One of the issues discussed at CDM meetings is the fact that there is a clear requirement to have consistent data coming from any inventory tools used by various government agencies. This is one of the primary drivers behind NIST developing the (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. This document will go through a number of rounds of public review and feedback to ensure that the guidelines provide the data that’s required and can be implemented by publishers and tools. Once published, this NISTIR will likely be the basis of the requirements applied to any software the US Government purchases.

The Distributed Management Task Force (DMTF) created the Software Entitlements Working Group which is focused on helping organizations manage software licenses more effectively for Cloud and Virtual environments. Since ISO/IEC has published the 19770-2 standard for Software Identification Tags, and is actively working in the 19770-3 standard for Software Entitlement Schemas and 19770-4 standard for Resource Utilization Metrics, the DMTF is leveraging these standards and, where useful, they are providing support for the Common Information Model (CIM) to report on SWID Tag data wherever possible.

Finally, the Trusted Computing Group (TCG) has is going through the final review and approval process for SWID Message and Attributes for IF-M standard that supports the Trusted Network Connect Processes. This standard is intended to be used to authoritatively identify software components on a trusted network device and allows for much more flexibility and automation for organizations using the Trusted Network Connect standards.

Summary

With the imminent publication of the revised ISO/IEC 19770-2 (SWID tag) standard, the commercial and government support behind this revision and the fact that numerous standards bodies are building standards the utilize the SWID tagging standard, we will see more customers including requirements for SWID tag support in their RFP’s, more tool providers following 1E’s efforts to utilize SWID tags and standards based entitlement data in their systems and, with these changes, organizations will have the ability to realistically manage and even automate large portions of their security, compliance and logistics operations that, today, are managed in a more ad-hoc and insecure manner.

Anyone purchasing tools today who is not buying from a vendor who is actively supporting these standards is buying antiquated technology. Make sure you validate that your vendor fully supports the ISO standards for software identification and entitlements.

Steve Klos | Subject Matter Expert, 1E

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

A colleague passed me a Wall Street Journal CIO Network report with the lead story titled, “Cyber security in the Wake of Sony”.  While reading, I winced at the line when the attendees were asked the question, “who [here] hasn’t been hacked.”  Only one hand went up, and that CIO got a lot of skeptical looks.  In light of recent cyber security breaches, I would have also looked at that CIO with a skeptical eye too.

Each one of these cybersecurity breaches of recent past involved different entry points (which makes addressing cyber security even more challenging), but there are steps that organizations can and should take to minimize those entry points.  I want to focus on one of those entry points as it is something that can be done before a breach, and perhaps save money at the same time.

Recently, the 1E IT Financial Analyst team published a study which analysed data from over 1.8m desktops across 74 companies.  I was astonished to learn that, on average, more than a quarter of installed software is not being used.  If the software has not been used, one has to wonder if it’s been updated with patches and updates to help ensure security.  Further, from past life, if the software is unauthorized (illegal), it has a greater likelihood of being infected with malware creating even more possible entry points, according to a study done by the University of Singapore and IDC.

But how does this relate to ITAM?  I believe there are three reasons:

1. Cybersecurity is everyone’s job. Those in ITAM need to be vigilant and ensure that their software is both legal (to stop possible entry points from malware) and updated with the latest patches and updates. This can only be done if you have processes in place to ensure a full and accurate accounting of what is installed across all of your devices.
2. Look for opportunities to lessen the risk. Is all of the software installed across your network actually being used? If not, there are tools like AppClarity that will provide this information and give you options on ways to remove it.  Further, can you reduce the number of vendors in your organization.  Doing this allows you to lessen the number of different applications that need to be updated with patches/updates.
3. Establish policies and procedures – and verify they are working. All too often, policies are created and forgotten about. If a policy was established, it was done for a reason (at least at the time).  If the policy is in place, test it to see that it is doing what it was designed for.  If not, you know what to do.  If you find the policy is out of date, fix it.  Be a change agent – reduce the risk.

I don’t mean to suggest that dealing with cybersecurity challenges can always be overcome solely with effective IT Asset Management, but it certainly reduces the size of the hole that is probably already in your organization.  Reducing the size of the cybersecurity hole equates to reducing risk. Further, knowing what you have installed, and are actually using, can also save money. These seem like wins to me.  IT Asset Managers should challenge themselves to add this to their remit (if not already done so) and track and report these wins which any CIO (well, maybe not the one who did not raise his hand) will want to see.

Peter Beruk | Subject Matter Expert, 1E

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

Dear Curiously Interested,

You are indeed correct.  Forever 21 was sued by Adobe, Autodesk and Corel.  Sam originally reported on this back in February of this year.

By way of background, the plaintiffs alleged that Forever 21 pirated 63 different instances of Adobe software including copies of Photoshop, Acrobat, and Illustrator. Autodesk and Corel also joined Adobe in the suit, based on pirated copies of Autodesk, WinZip, and PaintShopPro, among others.

Sam did a bit of sleuthing and found that Forever 21 filed a response to the complaint.  In reading the response, I was fascinated at how hard Forever 21 pushed back against the complaint.  While this may be simple posturing on their part, it may also mean that Forever 21 intends on fighting this to the end (they asked for a jury to sort everything out).  If this plays out this way, it will represent one of the very few end-user piracy cases to go to court in many years.

So, what does this mean to the wider ITAM community?

Every SAM manager knows that vendors are increasingly conducting audits.  The latest stat from Gartner is 68% of all organizations will get one or more audit requests this year.  Does this case filed by the vendors against Forever 21 represent a new threat to ITAM managers?  I don’t think so and let me explain in three ways:

1. Vendors don’t like to sue their customers:  Auditing for compliance is one thing, suing is another.  Vendors only consider litigation when other methods have failed.  In this case, it is alleged that Adobe tried to work with Forever 21 to resolve their claims – and were rebuffed by Forever 21.
2. Copyright litigation is complex, and costly (for both sides) with unknown outcomes. Even though the US Copyright is clear on what constitutes unauthorized use, judges are given wide latitude in determining damages.  If the case is determined to be non-willful, the penalties can be as low as $200.  For willful cases, the fines can go to $150,000!  Given the wide latitude in fines, most plaintiffs and defendants end up settling these types of matters via a settlement agreement.
3. Litigation may be rare, but as this case tells us all, the threat is still there. Being proactive with a IT Asset Management program, having proper (standardized) policies and processes in place, conducting regular audits and doing reclaim of unused software is a great way to stay ahead of compliance (and being ready for audit when it happens).

However the facts turn out in the Forever 21 case, one thing is clear.  Forever 21’s name will, excuse the pun, be “forever” associated with unlicensed software.  Is that a cost you want to associate with your business?

Lastly, as I previously predicted, this case will most probably be resolved via a confidential settlement agreement.  Even though  Forever 21 responded back to the original complaint, something it is required to do by law, I believe cooler heads will prevail and at one point, one of  the parties will blink and say let’s get this case over with and move on.

Compliantly yours,

Sam

You can follow updates from the 1E Software Asset Optimization (SAO) team via Twitter @1E_SAO, or the BetterITAM blog page.

Ask your own question of Sam at http://www.1e.com/ask-sam/

If you found this article interesting, please take a moment to share it with your contacts using the social media buttons to the left. Thank you.

Problems arising from not looking at the whole picture

Sometimes known as Reclaim, or Harvesting – most ITAM / SAM professionals agree that removing unused software is part of a good and complete IT Asset Management programme. The trouble is it is often seen as a hard part that people never get around to. Other things seem to get in the way.

One anecdote that exemplifies this to me happened when I was discussing reclaim with a potential customer a year or two ago. She was responsible for Software Asset Management across a 50k seat organization. I asked her if she looked at application usage at all? She replied that yes – in fact she had an objective to measure usage of 5 desktop applications that year, with a view to looking at potential reclaim.

I said that was good, but I wondered how she had chosen which 5 applications to measure, as an organization of that size would likely have several thousand applications present on their systems. She said that she had chosen 5 applications with low install counts so that she could make sure her objective was met.

Now – I think some of the problems with that approach are obvious, and realistically I think we can all agree that maybe her objectives should be more tightly analysed. However, this highlights a real problem. When looking at usage of software, with the intention of finding the most value and removing unused software, you need to look at ALL the applications in order to understand where the value is. We know from very broad benchmarking, that on average every PC has over $200 of unused software on it. Tapping into that means looking at usage on all applications.

To hear more about exactly how to reliably remove unused software as well as know it is there, join me for a Webinar on ‘Automating the removal of Microsoft and Adobe Software’ at 1pm EDT on July 15^th.

Dave Harding | Product Manager, SAO

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

I recently was at a customer that used a build depot for Windows OS deployment to new and previously used computers before they were delivered to employees’ offices. The depot enabled the customer to build up to 100 computers a day and the customer had the peace of mind knowing that every computer being built was getting the same Windows image and applications.  This process has been in place for well over a decade and had been accepted by employees as the standard process for receiving their computer. As a result of building computers at this central location, many new employees had to wait several days before they got their computer often causing many hours of lost productivity for new hires. This customer has been using Configuration Manager 2012 for several years but didn’t have the bandwidth to their plethora of sites throughout the United States and other countries.

In the build depot, the customer had two Configuration Manager 2012 distribution points with each server deploying to a set of two tables each. Each table could build as many as 20 computers at one time. A deployment technician managed these tables and was responsible for unboxing, placement, deployment, and repackaging the computers. The deployment process took about one hour but the computers had to remain on the tables for several hours to allow the encryption process to complete.

Another side effect of the build depot process was that many field technicians created their own full Windows images on a USB key or other media to avoid having to get equipment from the build depot just to get a freshly built image on a desktop. This would cause discrepancies in the customer’s Configuration Manager database due to identity duplication within the image being copied around. Also, some applications which installed unique values on the original computer were duplicated causing issues in the license tracking for those respective applications. Security and stability were also difficult to maintain since the image on the USB key quickly fell out-of-date with patch compliance.

1E was engaged to deploy Nomad 5.5 throughout the customer’s desktop infrastructure initially to aid in bandwidth reduction of software updates and application deployment. As part of our project, 1E Professional Services integrated Nomad into the OS deployment task sequences being used in the customer’s build depot. Due to the flexibility of the Nomad task sequence steps design, we easily added Nomad functionality into the customer’s build depot task sequence and began enabling field technicians to easily build or rebuild employees’ computers in place. This same OS deployment process done at the build depot could even been done on multiple computers in the customers office with a 1.5 megabit DSL line and finish in about two hours.

The build process is now easy to use and builds can be done in any location so the field technicians have no need to create their own images. This ensures the build is constant. The field technicians resort to using the Nomad-integrated deployment task sequence which always provides the latest Windows image along with the latest versions of the company’s additional software. Each week, only the changes in the image or applications are deployed to designated computers throughout the environment.

Another benefit of using Nomad is the enormous bandwidth savings due to the use of Nomad and the single-site download functionality within the product.  Our reports indicated that within the first month of the Nomad implementation to 70 percent of the computer they had saved over a terabyte of bandwidth. Your networking team should be delighted to see that level of savings in bandwidth.

Are you interested but still a little skeptical? Another 1E customer has something to share with you then. If you would like to find out how you could decommission your build depot contact a Sales person in your region.

Jonathan Robins | Senior Consultant, 1E

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

Part of the job of a technical author is to edit, review, read and understand articles that people have written. So you get a feeling for what works and what doesn’t. The primary conclusion I have drawn from this is that simplicity is key. Simplicity makes things quicker to read. It makes them easier to remember and increases the satisfaction level of the reader.

Sounds like simplicity is good, can you go too far?

Before you can simplify you need to have a clear understanding of what you are trying to say in the first place. You can oversimplify by leaving out essential information and not getting your main point across. Leaving out some essential instruction or fact may make your article shorter but not simpler.

Assuming then that you have clearly defined your goal, what can you do to simplify your writing?

Imagine you are documenting some requirements for Nomad, you’ve got a goal and you start writing down that voice in your head as it speaks, rattling off:

“In view of the fact that Nomad requires ActiveEfficiency for a certain number of its features, prior to installing Nomad, you should ensure that there is an ActiveEfficiency installation present on the network. If this is not the case the features that rely on ActiveEfficiency will consequently not be available.”

You may or may not speak like this, but regardless the initial output is usually not great for one reason or another. So then what do you do? A good idea is to first remove the redundant expressions. A redundant expression is using several words where one or two will do. For example:

In view of the fact that can be replaced by the single word as.

So applying the process we then arrive at:

“As Nomad requires ActiveEfficiency for some features, this needs to be installed before Nomad. If this is not present some Nomad features will not be available.”

Ok, now we’re getting to the heart of this sentence, but what are we saying? Isn’t it obvious that if certain features require ActiveEfficiency then they will not be available if it isn’t there? Having reduced the redundant expressions we can see the structure of our sentence more clearly understand its deficiencies and identify the changes that are required:

Nomad requires ActiveEfficiency for some of its features.

That is short and easy to understand but does it contain all the information we need? Surely it would be useful to know which features have that requirement?

Nomad requires ActiveEfficiency for the following features:

• Single-Site Download (SSD)
• Peer Backup Assistant (PBA)
• Single-site Peer Backup Assistant (SSPBA)
• Integration with WakeUp
• Nomad pre-caching

So what do I conclude from that?

The result is a useful, simple statement of the Nomad requirement for ActiveEfficiency and the features that would be impacted if it is not present. This practical example shows how a straightforward simplification process can be applied to some initial verbose output to produce something that is easy to understand and informative. Hmmm, perhaps I should apply the process to this blog… but maybe I’ll just leave that as an exercise for the reader.

Dave Westwood | Technical Writer, Development

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

You are a savvy, experienced, and well-rounded Configuration Manager administrator servicing a large estate with many branch/satellite locations both large and small. You work with your leadership to maximize IT value potential to the business and ensure agility by using an alternate content provider rather than buying or leasing more and more servers to use as distribution points. You looked at the choices and chose 1E’s Business Prioritized Network and Server Reduction solution set along with accompanying Windows Software Deployment technology, NOMAD.

Besides the reduction in distribution point servers, you can now start distributing content… well, anytime. You are reassured in knowing 1E’s Business Prioritized Network solution means you never have to worry about CM overtaking WAN bandwidth availability thanks to a key feature, Reverse QoS. This allows for the business traffic to take priority and for CM content traffic on the WAN to be managed dynamically.

Your company is going the way so many others are in this day and age of everything digital: moving away from running wired connections wherever possible to fully embrace the ever emerging changes in its employees’ desires to be far more mobile. To this end, it is deploying Secured Wireless access to the company headquarters as well as the other branch and satellite offices.

So how will 1E’s solution play in this highly wireless based environment? Take a look at our newest whitepaper which addresses what types of wireless scenarios exist (specifically lightweight access points) along with the systems management considerations you need to make.

Download the white paper now

Bryan Barboza | Solutions Engineer

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this helpful, take a moment to share it with your contacts using the social media buttons below!

On May 14, Microsoft released ConfigMgr 2012 SP2/R2 SP1 with support for Windows 10 included. On June 1, Microsoft announced the July 29 release date for Windows 10. We had an important decision to make:

• Test ConfigMgr 2012 SP2/R2 SP1 by itself and release a support statement for it. Test Windows 10 by itself and release a support statement for it.

• Wait for Windows 10 to release on July 29 and test both ConfigMgr 2012 SP2/R2 SP1 and Windows 10 together, releasing a joint support statement

We decided to go with the latter, waiting until after Windows 10 was released. We believe this was the best decision in that customers were able to confidently begin their own testing of both releases together, knowing that their efforts are fully supported by 1E. The decision has also benefited 1E as it prevented impact to upcoming product releases that are scheduled in Q3 and Q4.

Another reason the decision was made is that it helped to avoid a scenario where each 1E product could have required multiple hotfixes and/or maintenance releases – particularly for our agent-based products: one for ConfigMgr 2012 SP2/R2 SP1, and one for Windows 10. Understanding the preferred schedule most customers follow when deploying enterprise software (e.g. once per quarter or every six months), deploying multiple hotfixes/maintenance and new product version releases within a short period of time is generally undesired.

At 1E, we give high regard to our customer’s goals, entrusting that this understanding is the compass which leads us to making the best decisions possible.

Below is the 1E product support matrix for ConfigMgr 2012 SP2/R2 SP1 and Windows 10:

Troy Martin | Product Manager, Endpoint Automation You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, Twitter, and via V1Ewpoint, our monthly newsletter. To discuss any issues relating to this article with our experts, email info@1e.com, or visit our LinkedIn forum, 1E INSIDEV1EW. If you enjoyed this article, please take a moment to share it with your contacts using the social media buttons to the left. Thank you.

Today 1E is proud to announce the general availability release of Nomad 6.0!! 8.5 months and over 6K hours were spent adding new features and enhancements that will help turbocharge your Windows 10 migration. You can learn exactly how it does this by joining our Nomad 6.0 Launch webinar on September 3, 2015.

Sincere thanks go to the amazing Engineering and Product Management Teams at 1E for all their time and effort, as well as the partners and customers who participated in early Release Candidate (RC) testing. Without everyone’s involvement and continued support, this release would not have become a reality. Thank you!

New Features and Enhancements

With Windows 10, Microsoft is now using Servicing Branches as the vehicle for making new features and security updates available to businesses – a measure that is set to increase content loads. ConfigMgr content and network traffic will now include Servicing Branch content as well existing software distributions, application deployments and OS deployments. Nomad 6.0 and PXE Everywhere 3.0 have been designed to cope with this additional content load thanks to the following feature:

Nomad 6.0

Pre-caching

• All content types are supported (not including Software Updates)
  • Applications
  • Boot Image
  • Driver Packages
  • Operating System Images
  • Operating System Upgrade Packages
  • Packages
  • Task Sequences e.g. all of the above included as reference packages
    • The Task Sequence pre-cache wizard dialog-box allows the admin to choose which reference package to pre-cache. All reference packages are not required to be selected for a task sequence pre-cache job.
• Different pre-cache jobs can target different collections
  • Admins can choose which machines to be targeted for pre-caching content. The administrator still has full control and content is only distributed to where it is intended to go. Simply stated, the admin has a choice.
• Integrated with ConfigMgr Admin console
  • Wizard-driven
    • Invoked by ‘right-click’ on content, or click Pre-cache button on Admin Console ribbon when content is selected
  • No separate or competing consoles
  • Integrated with native ConfigMgr Security allowing administrators to take advantage of their existing Role-Based Administration model implemented
• Efficiently leverages ConfigMgr’s software distribution system
  • Uses Management Point to locate content
  • If necessary, uses Distribution Point(s) to download content across the WAN
• Does not create ConfigMgr policies
  • 1E ActiveEfficiency creates and stores pre-caching jobs which Nomad clients later download
• Scalable-design
  • Massive number of clients can concurrently process pre-cache jobs and download content leveraging patented Nomad technology such as Reverse QoS®, P2P and other advanced features e.g. Single-Site Download, FanOut.

OSD Integration Enhancements

• Simplify Nomad integration with both software distribution and OS deployment task sequences
  • Nomad custom action for setting SMSTSDownloadProgram variable, enabling the task sequence to invoke Nomad during execution.
• All Windows 7/8/8.1/10 OS deployment scenarios are supported e.g. including Windows 10 In-Place Upgrade

Enhanced Security

• New option allowing FIPS-compliant AES-256 bit encryption to be used during various peer-to-peer communications
• New option allowing the Nomad share to be hardened by removing User Authentication from the Nomad share permissions

PXE Everywhere 3.0

• New option allowing FIPS-compliant AES-256 bit encryption to be used during various peer-to-peer communications
• Continued support for Unified Extensible Firmware Interface (UEFI) – first introduced in PXE Everywhere 2.3

Nomad 6.0: Powering Software Lifecycle Automation

Unlike competitor products, 1E Nomad is not simply a ‘point solution’. Rather, it is a core element of the 1E suite that is responsible for delivering end-to-end Software Lifecycle Automation (SLA) that enables the digital business.

Nomad 6.0 is a vital part of this commitment. Our On-Demand Windows solution – with Shopping 5.1 and Nomad 6.0 at its core – alleviates the pain of Windows migration through:

• 100% Automation
• Letting users Self-Serve for the Upgrade
• Eliminate the need for deskside visits
• Make the process Business-As-Usual

Nomad is also at the heart of Business Prioritized Network – allowing customers to deliver software without impacting the business:

• Confidently deploy software during business-hours
• Streamline IT data traffic from remote locations
• Intelligent Endpoint protection of the network
• Network changes? No problem!! – end-to-end bandwidth throttling independent of network conditions and infrastructure changes.

1E Nomad – Market Leader

First released in 2004, 1E Nomad has continued to be the market leader for content management add-ons to Microsoft System Center 2012 Configuration Manager (ConfigMgr), with over 5 million active Nomad agents deployed around the world.  Today’s GA release of Nomad 6.0 reflects our commitment to remaining as the #1 brand companies trust in protecting their business  from system management traffic created by ConfigMgr.

How many times have you fallen victim to misconfigured software, either as a user or an IT admin? Misconfigured software can pose a number of challenges for users across the board, including:

• IT Admins who design comprehensive solutions dependent upon specific features and functionality
• Desktop Engineers who need to ensure seamless integration with the operating system and coexistence with other installed software
• Help Desk technicians who need to quickly triage impacting users issues e.g. troubleshooting by reading log files
• End-users who want a consistent experience

There are no exceptions when it comes to how deeply these individuals are affected. Misconfigurations don’t discriminate. Ultimately, everyone is equal at the keyboard.

Introducing 1E Endpoint Agent Installation Solution Accelerator

1E Software Lifecycle Automation suite includes several agents that run on endpoints in the enterprise – and what we don’t want is for any of our customers to suffer the issues caused by misconfigured software. That’s why we created the Endpoint Agent Accelerator.

Endpoint Agent Installation Solution Accelerator is the first Solution Accelerator from 1E that simplifies and streamlines the setup, configuration and deployment of the 1E endpoint client agents. A simple executable, it is run on a Configuration Manager Primary Site or on a workstation that has the Configuration Manager Console installed. There is nothing to install, the executable launches a wizard that has the same look and feel as the wizards in Configuration Manager 2012.

The Endpoint Agent Installation Solution Accelerator wizard uses simple terminology to remove the complexity of determining the various settings and related values that need to be configured. This allows for a consistent configuration that takes the focus away from the setup and configuration, placing it instead on the functionality of the products. The default configurations are based on best practices from years of 1E field experience and should be optimal for most environments without additional changes.

Once the Endpoint Agent Installation Solution Accelerator wizard collects the necessary input, it will create a Windows Installer Transform file for each product/platform containing the appropriate settings. It also copies the required files to the defined Application and Package repositories and creates the corresponding Configuration Manager Applications and Packages. If enabled, it will distribute these contents to the selected Distribution Point Group. Finally, it also can create Required Deployments to either a new collection or one that was selected during configuration. Performing these tasks manually would take several hours (if not more). Now with the Endpoint Agent Installation Solution Accelerator, all of this can be done in a matter of minutes in an automated, wizard driven manner removing the risk of manual configuration errors.

The Endpoint Agent Installation Solution Accelerator supports the following 1E endpoint client agents: Nomad, PXE Everywhere, 1E Agent (WakeUp or WakeUp + NightWatchman), Shopping Client Identity and the Web WakeUp ActiveX control. It can be used in combination with Configuration Manager 2012 SP2/R2 SP1, R2 or SP1. It has several use cases and can be used for the following: Proof of Concepts, Labs, Production and Training Environments – basically anywhere the 1E endpoint client agents are used.

The Endpoint Agent Installation Solution Accelerator is available for download on the 1E Support Portal under the Tools section for registered 1E customers and partners. It also contains advanced functionality that allows for further customization and automation – but I’ll cover those in a future blog post.

Over the past 15 years I have worked within two significant software businesses, each of which were leaders in their respective fields and each following a very similar strategy when it comes to determining the product offerings built.

That strategy is really very simple:

• Assess large enterprise software solutions within the marketplace
• Find where that technology is already well-defined & thoroughly explored
• Identify for gaps and/or voids in in said technology
• Determine how an extension to that solution would be able to successfully fill the gap
• Ensure the solution significantly increases overall value

Both of the businesses that I refer to during those 15 years selected to strengthen the Windows desktop by significantly enhancing some of the aspects of that platform for enterprise users. These strategies target some of the largest businesses in the world in order to streamline their operations significantly and hence demonstrate significant value propositions to such enterprises.

Such a strategy is relatively well known as the Embrace and Extend strategy – embracing the solution of an existing upstream vendor and then extending it to bring further benefits over those originally found in the solution.

A key part of the strategy mentioned is to engage with the upstream business and be transparent with them around the solution that is being built and just how it is going to add significant value to their existing (and future) customers. Once you’re able to demonstrate to the larger business that not only are you providing a solution that significantly enhances their own existing solution, but that it also does not cause them any negative repercussions, then you can begin to foster a solid relationship where perhaps the upstream business begins to educate about the more intricate parts of their own roadmaps as well as maybe the ultimate golden ticket: inviting you in to their customer meetings to help them (as well as yourself) sell their solution in the first place.

In many ways this is the ultimate place to be because in this case not only are you earning the reputation as trusted advisor but you are also filling a similar role for the upstream software business as they look to you to help them close their own business, knowing that life (for the customer) is better when both they and you are involved. This brings out the “better together” tag line that we often see between business partners in this manner.

There are of course a couple of particularly important aspects that you really must heed however:

• Always be able to run faster than the upstream business
• Always look to enhance the existing proposition rather than replacing aspects of it

Your ability to innovate and deliver functionality faster is critical as the upstream business will over time fill the voids that your solution fills today, potentially rendering the need for your offering redundant. Your need to continue to keep your value proposition high will always be there and at times will feel like you are struggling to tread water to stay afloat – this is quite normal although you should use these times to reflect and determine if your solution does still retain sufficient differentiation, acting accordingly. Of course you will likely be always on the lookout for the next void(s).

It is often tempting to replace existing solution features with your own set of purpose built features and significant care and consideration should always be undertaken before committing your business to such an approach. The reasoning is pretty simple, the upstream business:

• Has already invested significantly more time in research, development and testing than you likely have at your disposal
• Will not feel good about your decision to abandon some of its hard labored technology
• Will be unlikely to offer help and support to your replacement features and will expect a customer to remove your stuff should support cases come up
• Is more likely to take a position of blame towards the smaller business should there be any software issues

The second point is rather important as this is an item that will often be a bone of contention and will likely stall your ability to build a strong business relationship with the upstream vendor, resulting in slower growth patterns for your business and worse still, a lack of partnerships with customers. The customer wants to see a strong relationship between the vendors of the solutions that are being delivered on their systems, should it be apparent that such a relationship is not in place or is fractured in some way, then good luck to you as the smaller player, you are going to need it.

In the situation of software issues arising through technical support, it is most likely (in my experience of the last 15 years) to result in the upstream vendor simply blaming your solution and if your solution cannot just quickly sit back quietly (disabled for example), allowing the upstream solution to function unhindered, then you are in for a world of pain for a little time, while you explain to the customer the implications of your replacement feature set. For example, if your solution were a software distribution tool that replaces the existing (upstream) distribution model, then you need to explain to the customer that ALL software distribution needs to be switched off across the entire business and THEN to need to configure the original upstream solution distribution just to prove that your solution was not at fault. If you had simply embraced and extended the existing distribution model, then at this point you could simply disable your enhanced feature set, allowing the standard system to continue to operate without you – nice and simple and giving the customer the peace of mind that your solution is enhancing their solution rather than replacing it with something potentially unwieldy and leaving them with the risk of having no software distribution at all.

Ultimately, we are here to produce solutions that add significant value to the customer and by embracing what the customer has already invested in, then extending it out is a simple recipe for joint success – both that of the software vendor and that of the customer.

Finally, while this strategy seems (and it is) very simple, it might amaze you just how many vendors go off-piste a little and find themselves in trouble – even terminally so. My conclusion? Let’s work together to make some great technology, filling some critical voids and make life better / easier for the customer who is after all, the very reason we exist in business.

Simon Rust | Director, Product Marketing, Development

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this helpful, take a moment to share it with your contacts using the social media buttons below.

How much is unused software costing you? The 1E analysis, which covered 3.6 million users across 129 global corporations, shows that the level of software waste is extreme. On average, companies are wasting 37% of their software spend—a proportion that would be deemed unacceptable in any other part of the business.

The cost of this waste is enormous—in the US alone it amounts to $30 billion in wasted IT dollars. As staggering as that figure is, it’s a price most businesses seem willing to pay. In fact, over the four years that 1E has been analyzing software waste trends, the statistics have barely changed. Our infographic reveals the latest figures, with breakdowns by region, industry and software title. The results will shock you.

Interested in measuring your firm’s software waste? 1E’s FREE Software Lifecycle Intelligence tool can automatically report on actual usage information from your System Center Configuration Manager so you can uncover the magnitude of your waste and see how you measure up to your peers in this latest research. Learn more about this free tool and its Software Waste Analysis Dashboard.

Digital disruption is in – and your CIO is on the way out. Far too few organizations – only 7% according to Gartner – are fully digital and the rest will take them years to catch up. If only they had the time.

From 1E, the Software Lifecycle Automation company, COO Nick Milne-Home has already wowed C-level audiences at the MIT Sloan CIO Symposium with his no-holds-barred approach to describing what will happen to those who don’t take action now. Ahead of his presentation at the Gartner Symposium in Orlando, Nick shares his thoughts on the challenges that digital disruption has created for CIOs and the solutions they need to resolve them.

Microsoft Office 365 is a great tool, but deploying and updating it can present a challenge for companies. Not only does deployment have to be carried out by an administrator – making self-service impossible – but updates are streamed down from the internet and can swallow up vital network bandwidth.

1E subject matter expert Mike Terrill has come up with a great solution to this problem that allows you to automate Office 365 deployment and all related updates using your existing System Center 2012/R2 Configuration Manager and 1E Nomad setup. The process takes you from downloading the Office Deployment Tool to full installation in just 8 steps and makes it possible to automate deployment and execute it remotely while saving bandwidth by using Nomad’s peer-to-peer capabilities.

You can read the how-to for this hack on Mike’s Blog, or visit other areas of our website to learn more about Endpoint Automation and Business Prioritized Networks.

If you deploy a piece of expensive software, do you check to see if it’s being used? If not, you are almost certainly squandering money.

The results of our comprehensive study showed that on average, 37% of installed software goes unused. In the US alone, that equals a total of $30 billion dollars in wasted IT spend.

Here’s Buffi Neal, Senior IT Financial Analyst, speaking on the startling amount of software waste today:

 
Intent on creating an accurate benchmark, 1E’s continuing independent Software Waste research spans 4 years, includes 129 companies across 14 different industries, and involves a total of 3.6 million end users’ PCs.

Register today for the 1E’s Software Waste webinar to understand the key takeaways of this research, get a free copy of the full report:

• Understand the principal factors driving the widespread waste of software
• Get familiar with free tools to quantify software waste within organizations of any size

Learn how to evaluate the extent of unused software licenses within your own organization and stop hemorrhaging IT dollars.

Searching for your software waste is not about the money you’ve already spent, but rather about using that waste to decrease future spend. Knowing what you need rather than what you have can help you in enterprise agreement and other software contract negotiations as well as help you avoid, or minimize the unexpected costs of software audits. Using free tools to calculate the value of unused software can provide leverage for the adoption of need-based compliance management. Knowledge is power.

How much is wasted or unused software costing you? Our latest report – covering 3.6 million seats and 1,800 software titles across 129 leading corporations – reveals that on average, companies are wasting 37% of their software spend – a proportion that would be deemed unacceptable in any other part of the business.

We found that there is a huge incidence of software waste across all sectors, even those with a reputation for being lean. The inability of organizations to reduce average waste levels over the four years of our reporting suggest that they remain unaware of the underlying business implications.

So why aren’t businesses doing anything to become less wasteful?

The answer lies in a shift in the way organizations approach IT. In 2015, CIOs are no longer concerned with driving down costs, but have instead turned their gaze towards adding value. Because of this, eliminating software waste, which is often seen as a cost-cutting exercise, has slipped to a far lower place in their priorities. This de-prioritization is a mistake because controlling and reducing software waste adds value to the business by enabling innovation and reducing risk.

How so? For starters, the more unused or unaudited software present within an IT estate, the greater the organization’s vulnerability to attack. Cutting the waste out of software spend not only reduces this risk, but reclaiming what goes unused would give organizations back 37% of their budget to spend on the kind of innovation that will give them competitive edge.

Download our report for an in-depth analysis of these issues as well as the results of a 4 -year software waste benchmark study spanning 129 global enterprises and 3.6 million corporate employees, exposing the cost of unused software to businesses. The report reveals the worst offenders by country, industry, software titles, company size and more.

DOWNLOAD NOW

You can follow 1E and wider-industry news and events via Facebook, Google+, LinkedIn, myITforum, and Twitter, or by signing up to our monthly content newsletter, V1Ewpoint.

If you found this article helpful, please take a moment to share it with your contacts using the social media buttons to the left.

If you’re in the planning stages of a Windows 10 migration, then network capacity will be at the forefront of your mind. One of the biggest challenges associated with migrating to Windows 10 is that regardless of whether you choose in-place upgrade or wipe-and-load, you’ll need to download in excess of 2-3GB of content to every workstation.

In preparation for the upgrade, you’ll be thinking about whether your network can handle that. What you may not have thought about is what is going to happen after you’ve got Windows 10 installed everywhere.

Windows 10 upgrades: the cumulative effect

Windows 10 clients will be updated in two ways – through Service Updates and Feature Upgrades. Service Updates are the traditional fixes and security patches you’ve come to know and love each Patch Tuesday. These will continue to be released each month, but the big difference is that these are now cumulative. Each month your clients will need to download an ever-increasing lump of Windows updates (these are already currently in excess of 500MB). Every month, each client will download the latest entire, cumulative update – not just the deltas since the previous month.

Two or three times a year, Microsoft will release new Feature Upgrades, which contain new features and will effectively replace OS upgrades as you’ve known them in the past. Each of these upgrades will be about the same size as the original Windows 10 installation media (i.e. 2-3GB). The difference is, these Feature Upgrades must be deployed to all Windows 10 devices (with the exception of special systems running the Long Term Servicing Branch) within about 12 months of the general release of the Feature Upgrade to the Current Branch (or within about 8 months of release to the Current Branch for Business, which is deferred after general release by about 4 months). Deploying these upgrades is the only way to remain supported for further Service Updates, which include those all-important security patches.

If you’re using System Center Configuration Manager to deploy and manage your Windows 10 devices, you’ve probably already heard that ConfigMgr will be following a similar servicing model in order to keep up with support of the new Windows 10 Feature Upgrades. This means you’ll need to prepare to update your entire ConfigMgr infrastructure at around the same frequency as the Feature Upgrade releases (two or three times a year) in order to remain supported.

Since these upgrades can’t be avoided, now is the time to think about how to minimize the impact they will have on your infrastructure and your network. One of the best ways of doing this is to use a peer-to-peer content distribution solution – such as 1E Nomad. Nomad not only significantly reduces the volume of content being distributed across your WAN, it also helps you eliminate the number of ConfigMgr servers you need – further reducing your upgrade burden.