Products – 1E Enterprise Software Lifecycle Automation

throttle v. to regulate the flow (e.g. of fuel to an engine)

1E had an awesome few days in Minnesota for this year’s MMS! If you managed to get there I’m sure you had a great experience yourself and learned a lot from the great sessions and speakers (you may have attended some of the nine sessions co-presented by our very own Mike Terrill, Troy Martin and Keith Garner with our friends from Dell, TrueSec and CoreTech). During periods of, shall we say ‘rest’, the attendees inclined to use urinals may have been curious about a campaign against throttling. Or maybe you observed this campaign to seek out and eradicate this particular evil in the form of a marching protest or a mascot milling around.

The throttling that this particular campaign was out to stop was not the strangulation of people by application of pressure to the windpipe, but instead the eradication of network throttling, specifically in the context of distributing Configuration Manager content to devices throughout your network. The argument of this uprising was that “throttling” is bad, “predictive bandwidth harvesting” is good. But what does that actually mean?

What's the difference between throttling over the WAN and predictive bandwidth harvesting? http://ctt.ec/ZzOpB+

Click To Tweet

Throttling generally means regulating the flow (of network traffic in this case) by some form of restriction at the source. It is important to understand the difference between limiting and dynamically regulating the flow of traffic, as the term throttling is often used to describe both. When you’re driving, you use the accelerator (gas pedal) to dynamically regulate the flow of fuel to the engine (and therefore your speed) according to the conditions ahead. This is similar to the way 1E Nomad works when it needs to download content across the WAN from a remote Distribution Point. If your car is fitted with a speed limiter that you set to 30 mph, you can dynamically adjust to some extent (up to 30 mph) but will never go above that, even if the road ahead is completely clear. This is similar to the way the Background Intelligent Transfer Service (BITS) works.

The No Throttling camp assert that their “packet-based network protocol predicts how much traffic will be entering the WAN in real time, by reading the length of router queues”. Let’s take a look at that. Imagine you have a flight you need to catch for an important business meeting. As your taxi pulls up at the airport, you see a school bus unloading into departures. You can see through the glass that there is currently hardly anyone at the check-in desks (your first ‘router’ if you will) right now, but by the time you’ve paid the taxi driver and obtained that all important receipt for expenses, 30 children and 5 stressed responsible adults are now in the queue.

No-throttling

Now, being an organized school trip, they all arrived with two hours to spare before their flight. As a busy person, your time is more valuable – you can’t afford to be so leisurely and probably left it quite late. If you had got there just 30 seconds earlier, things would be different. But now you have 35 people ahead of you and you have to wait until they are all checked in. When they arrived, the responsible adults ‘read the length of the queue’ (hardly any) and joined it. How could they predict that you, whose flight leaves in just 40 minutes, was about to arrive and would be delayed – might even miss your flight – by their action. So you wait, you check in and make your way to security (your next ‘router’ in the path between check-in and your plane). Guess whose there already? You wait again while 30 school boys and girls take their shoes off, remove iPads from their bags and progress through the scanner to the gate (the next router).

Now let’s consider the same scenario where a reactive, dynamic regulation of flow, similar to that implemented by Nomad is used. The school bus arrives at the airport, but just one of the responsible adults leaves with a couple of children to join the queue. That responsible adult starts checking in the first children and radios back to another responsible adult on the bus to say there is hardly any queue – send a couple more children. You pay your taxi driver, wait for the receipt and go in to the departures. There are just 3 children in front of you in the queue. Another group of important looking people also join the queue behind you. The responsible adult sees there are important people that probably need to get through, so they radio back to the bus to let the others know – don’t send any more children just yet. Within a few minutes, both you and the other group of important looking people are through check-in and on your way to security (where you won’t have to wait for 35 people as most of them are yet to join the check-in queue).

no-throttling-2

The point is, it is impossible to predict what is going to happen on a network, or when important content is going to be presented to the network. However it is positioned, bandwidth management can only ever be reactive, whether that is a reaction to a queue length, or reaction to the effect of your own and other users on the network. Rather than pushing content onto the network, Nomad pulls content from the Distribution Point. The Nomad client in the remote site will act like the responsible adult that requests only a small amount of data each time. Rather than fill an empty queue with no further control over regulation of that content as it makes its way through the network, Nomad regulates the flow by requesting small amounts of data and dynamically adjusting the rate of those requests based on the effect it is having itself, the ability for the agents involved to process those requests and the unpredictable actions of other more important users of the network. If that is throttling, then why eradicate it?

1E Nomad has been enabling software distribution to remote devices while preventing it from slowing down important business traffic for nearly 15 years. To find out more about how we do it, check out this video on our website and also Troy Martin’s blog from 2014.

The post No Throttling!? appeared first on 1E Blogs.

Understanding the 1E Peer Backup Assistant

In our recent webinar on automating the switch from BIOS to UEFI, Mike Terrill demonstrated the process of performing a wipe-and-load migration to Windows 10 (required when switching from BIOS to UEFI) that preserved the user data and settings using the Peer Backup Assistant feature of 1E Nomad. A number of questions were raised about this particular feature in the Q&A session at the end, so this article is aimed at addressing them all together. We have also published a blog that answers the questions specifically relating to the 1E BIOS to UEFI technology. Miss the live broadcast? You can watch the webinar on-demand here.

When refreshing or replacing the operating system on a user’s device, you will probably want to save and restore their files and settings. You can use the Capture User Files and Settings and Restore User Files and Settings steps in a Configuration Manager Task Sequence to achieve this. These steps execute the Microsoft User State Migration Tool (USMT) behind the scenes to actually carry out the backup and restore of user data.

In some cases, if the disk is not encrypted and does not need to be re-partitioned, USMT can use hard links (by checking the Capture locally by using links instead of copying files option in the Capture User Files and Settings step), which allows the user state to be stored safely on the local disk while the old OS is deleted and the new image installed.

When hard links are not an option

However, when the disk needs to be re-partitioned (as required when switching from BIOS with MBR to UEFI with GPT), using hard links is not an option as no data on the disk can be preserved when the disk is re-partitioned. In this scenario, you need to store the USMT data off the device. Normally this would require a State Migration Point, but the 1E Peer Backup Assistant (PBA) feature enables this data to be stored temporarily on one or more local peers and restored from one of those peers after the disk has been re-partitioned and the new OS image installed.

So how does Peer Backup Assistant work?

The Peer Backup Assistant is enabled on whichever devices you want to use to temporarily store user data. You can configure how much disk space you want to allocate for the storage of USMT data on each of these devices. To use the Peer Backup Assistant feature, you add the 1E Peer Backup Assistant steps into the Capture User Files and Settings and Restore User Files and Settings groups in the Task Sequence.

The first step is Provision Nomad PBA Data Store. This finds a local peer that has the PBA feature enabled and sufficient allocated space to store the user state from the device. (The step includes a parameter for the estimated required space, which can use the USMTESTIMATE Task Sequence variable if you are using an MDT-integrated Task Sequence). By default this step will find a peer on the local subnet, but you can configure Single Site Peer Backup Assistant to locate and use PBA storage on adjacent subnets. When this step locates a suitable peer, a new file share is created on the selected peer and the OSDStateStorePath Task Sequence variable is set to the path of this share.

What happens if the peer goes offline?

The Capture User Files and Settings step is executed after the Provision Nomad PBA Data Store step and uses the OSDStateStorePath as the destination for the USMT savestate action, so effectively we’re just redirecting the output to a local peer. PBA has no control over this process – if the selected peer goes offline while the user state is being backed up, the task will fail. You can capture this failure in the Task Sequence and either exit (so the new OS is not installed but user data is safe), or include a ‘repeat on failure’ group that reruns the Provision Nomad PBA Data Store step to locate an alternative peer then rerun the Capture User Files and Settings step.

Is there just one copy of the user state?

Peer Backup Assistant includes a High Availability option that enables additional copies of the content to be made on other peers once the initial USMT backup has competed. (This is done by adding the Nomad PBA Data Store High Availability step that specifies how many addition copies you want to make after the Capture User Files and Settings step has completed). If this option is used and the peer goes offline during restore, you can create a ‘repeat on failure’ group of steps that re-runs the Locate Existing PBA Data Store step to find one of the other copies then rerun the Restore User Files and Settings step.

How is the user data secured on the peer?

A new file share and local user is created on the selected peer for each device storing data on it. By default, Authenticated Users have access to the share, but this can be locked down to just the internal, local Nomad user accounts. By default, local NTFS permissions on the selected peer will enable users to view the .MIG file created by USMT, but again these can be locked down according to your requirements. USMT also enables the data to be encrypted if you want to protect the data further. After the client has successfully restored the user data from the peer, the Release PBA Data Store task in the Task Sequence will remove the data from the peer, so the data is only stored temporarily on the device until it has been successfully restored on the client being rebuilt.

To learn more about how 1E address all the challenges of migrating to Windows 10 through automation, please visit www.1e.com/Windows10.

The post Understanding the 1E Peer Backup Assistant appeared first on 1E Blogs.

As discussed in previous blogs (Is Power Management Different on Modern Devices?) and other materials, Deepest Runtime Idle Power State (DRIPS) on your modern tablets, 2-in-1’s, and similar devices doesn’t always work properly. NightWatchman 7.1 gives you the reports to centrally determine where that’s the case. What do you do next?

We’ll answer that question in a moment, but to review you should:

Open your NightWatchman report console
Go to the “Lowest Power State” Power Optimization report
Review the computer models to determine which have “components not idling”, “software polling too frequently”, and “software polling too infrequently”
1. You might look at specific business units or locations for unique issues

You now know that you have a problem. You should find examples of relevant computers. On them, open a command prompt and enter the command “PowerCfg.exe /sleepstudy /duration 28”. That will generate a sleepstudy-report.html. Open it in your favorite web browser.

Now you can get to root causes. Not far into the report you’ll see a table of connected standby sessions with headings such as “start time” and “duration”. Ideally the rows should be like this:

drips_1

During this session this device was in “low power state” (DRIPS) 99% of the time. And the “HW” indicates that DRIPS was enabled by the hardware, which is ideal. If you click such a row you’ll jump to a section of the report that looks like this:

drips_2

Now we can also see a histogram that shows how frequently the system checked for e-mail or similar non-realtime data during the session. In this case there was a lot of checks about every 32 seconds and a few that were every 16 seconds. There were none that were excessively frequent (far left) or excessively rare (far right).

The “top offenders” are really the consumers of power during the period. Even the worst of these, the Wi-Fi NIC, was only active 2% during the period. The various components of the system (activators, processors, FX devices, etc.) are all green (good) or grey (not used). So this system is behaving as desired.

However, you’ll also see examples such as:

drips_3

Session 10 is bad: lots of battery drain (over 2% per hour) and the system didn’t get into DRIPS at all (0%) even though it was on standby.

Session 11 is red but not nearly so bad – it was in DRIPS 97% of the time, just shy of the ‘acceptable’ 98%.

Session 12 does get into DRIPS 98% of the time and thus is orange. I wouldn’t worry about this session or session 11.

What happened during session 10? Well:

drips_4

Drilling into the “Fx Device” section below this doesn’t say anything more in this case. An “Fx Device” is a power management framework component and in particular is related to the graphics (display) controller in this case. So the most likely solution in this case is going to be to check with device vendor to see if they have an updated device driver for the graphics subsystem, or possibly for power management.

In other cases you might see sessions such as this one that also got 0% DRIPS during standby. Drilling in, we see:

drips_5

“WU” means Windows Update, and drilling in to other “offenders” confirms that the “PDC Phases” (for the power down controller) was 60% in maintenance mode, and the NIC and disk were used a lot. So the system was doing some regularly scheduled patch management.

You won’t see examples like this nearly as much in investigating Power Optimization issues because they’re one-off issues. Hardware related issues will standout because they occur during every connected standby session (or at least most of them).

There’s obviously more to this topic and we’ll get into it in other blogs, whitepapers, NightWatchman documentation, etc. The key point for now is that you can see how actionable Power Optimization data is. With just a little effort you’ll be giving your organization’s users the smartphone like experience the modern device vendors are promising!

In the meantime, to learn more:

The post What’s wrong with DRIPS on my device? appeared first on 1E Blogs.

Given the importance of reboots and the pain that our users often feel when computers must be rebooted, every organization should have a reboot strategy. Hopefully we can minimize the pain in some ways, but at least some predictability will allow the users to know what to expect. As administrators, we can be sure we’re optimally accomplishing what we need to cater to both the needs of the business and those of the end user.

A 2015 independent survey of 100 organizations, 65% did have a reboot strategy. 66% reboot as needed, and 70% of those that forced reboots, forced them within a day of installing patches.

In addition to having such policies, you should define when you will force reboots:

To mitigate zero-day vulnerabilities?
For critical or more serious updates?
Every Saturday, just in case?

As you define your reboot strategy, you should review the technologies involved in your rebooting. Microsoft Windows, the applications running on your computers, your hardware, and possibly System Center Configuration Manager and third party tools can be relevant. Each have options that could be better used or configured. Our “Improve Security by Optimizing Your Reboot Strategy” whitepaper helps you to identify and understand your options.

Similarly, you should define the relevant stakeholders, such as your security team, end-user experience team, and management. Involve them in the process so that all points of view are represented.

Your strategy might include a user education campaign. If users understand why reboots are needed, their significance for the organization’s security, and begin to perceive better service as a result, they should be more cooperative.

You can leave at least some reboots to end-user discretion but that can be a challenge to security in two ways:

Your computers remain vulnerable to security attacks until the reboots occur
You cannot verify success of a security change (such as an update deployment) until a large fraction of your users have rebooted their computers

There is a lot to consider in developing or refining your reboot strategy. Our whitepaper helps.

The post Have you reviewed your reboot strategy lately? appeared first on 1E Blogs.

Microsoft’s move to make Windows 10 a ‘software as a service’ means that updates are going to be even more numerous. We all know that too many updates require reboots, so reboots (or “restarts”) will also become more numerous due to the addition of feature updates since the number of updates is only growing. That’s not good news – restarts are a pain for both administrators and end-users alike. Microsoft surely knows that, so you would think that in this new world they would work to reduce the pain of restarts. Have you heard anything along those lines in all the discussions of Windows 10? Sadly, I haven’t.

With a little digging, however, you will find that Microsoft has actually been conscious of the pain of reboots for a long time, having invested very aggressively over the years to mitigate them. Our “Improve Security by Optimizing Your Reboot Strategy” whitepaper goes into details about those efforts, but today we’ll focus on Restart Manager.

As early as 2005, Microsoft described Restart Manager as:

“If a part of an application, or the operating system itself, needs to updated, the installer will call the Restart Manager, which looks to see if it can clear that part of the system so that it can be updated. If it can do that, it does, and that happens without a reboot.”

They said this feature would be used by Windows Update, WSUS, ConfigMgr, and similar services to greatly reduce the need for reboots. Wonderful!

Resources of various types, such as files and registry entries, are used by software that runs on your computer. When an update or installation occurs, it has to change a lot of resources. If any of those resources are shared, the other software sharing the resources could be affected. Changing a shared resource while it is in use could cause unpredictable results and is often not possible. Restarting the computer allows the resources to be updated or installed before any software starts using them, overcoming the sharing problem. Restart Manager tries to avoid the computer restart by only restarting the software that is sharing the resources.

This all sounds great, but today’s reality is that it is still very common for installations or upgrades to require restarts. You might think this means Restart Manager was deprecated, but Restart Manager events can be seen in the Windows 10 Application event logs. Looking at them, you’ll see that typically Restart Manager finds that an application “cannot be restarted – Application SID does not match Conductor SID”, cryptically meaning that the security context of the update program is different from the security context of an application using at least one shared resource. That symptom could be an indication of a malicious restart by some kind of malware, so Restart Manager is prevented from restarting the application. This issue might not occur for every application that is sharing resources relevant to an update, but if an update requires updating resources shared with multiple applications, the probability greatly increases that at least one application cannot be restarted. Therefore Restart Manager is not successful and a computer restart (reboot) is needed.

So Restart Manager is a great idea to reduce reboots but to be safe Windows frequently can’t use it. That’s disappointing, but even in the world of software, sometimes reality trumps theory. Learn more in our whitepaper.

The post Whatever happened to Windows’ Restart Manager? appeared first on 1E Blogs.

As discussed in previous blogs and other materials, Deepest Runtime Idle Power State (DRIPS) on your modern tablets, 2-in-1’s, and similar devices doesn’t always work properly. NightWatchman 7.1 gives you the reports to centrally determine where that’s the case. What do you do next?

We’ll answer that question in a moment, but to review you should:

Open your NightWatchman report console
Go to the “Connected Standby” Power Optimization report
Review the computer models to determine which have “technical issues” or that are “not doing Connected Standby Correctly
- You might look at specific business units or locations for unique issues

As we discussed in the previous post about DRIPS issues, you want to find sessions with a high percentage of DRIPS activity, indicating they’ve gotten into the proper state and thus are doing connected standby. You then want to look at the histogram in the session details to see if the e-mail and similar non-real-time data updates are being done at the right frequency, as in this case:

connected standby 1

A little more frequently or less frequently might be acceptable if you don’t mind a little less battery life or not having all e-mails in the inbox on start-up (respectively). If the device is not used to check e-mails then the latter issue is not a problem at all.

connected standby 2 connected standby 3

This histogram might be a cause for concern, for example:

connected standby 4

However, when you drill into the “activators” (software) you might see that it’s a weather application trigger the activity, for tile updates in particular. Given that weather doesn’t meaningfully change minute-by-minute, a 16 minute or longer update frequency is actually ideal, keeping battery consumption low.

On the other hand, if you were expecting e-mail updates, the lack of related activity would be a problem and thus you should check the e-mail client software.

connected standby 5

There’s obviously more to this topic and we’ll get into it in other blogs, whitepapers, the NightWatchman documentation, etc. The key point for now is that you can see how actionable Power Optimization data is. With just a little effort you’ll be giving your organization’s users the smartphone-like experience the modern device vendors are promising!

In the meantime, to learn more:

The post What’s wrong with Connected Standby on my device? appeared first on 1E Blogs.

It’s really hard to put numbers on the benefits of many products or services. For example, could you justify upgrading from an old banger to a new Jaguar based on having a better infotainment system? (Making such a decision is definitely tricky – if anyone can help me make my case to my financial advisor, please let me know!)

However, many (if not most) businesses try to apply some kind of financial benefit test to any form of major investment including desktop and server operating system (OS) upgrades even if the benefits aren’t easily quantifiable. Of course, that’s sensible financial management. But OS upgrades are perhaps the most difficult of decisions to make based on purely financial grounds. If your priority is to keep workers focused on their day job with the least interruptions possible then most PCs would probably still be running Windows 95. Inertia is a powerful force.
survey image

But people aren’t still running Windows 95 (or at least not the majority). Windows 7 saw a massive adoption from Windows XP for many reasons – better user experience, faster, and more secure were all benefits of Windows 7. But how were those benefits measured (if they were) to justify such an upgrade?

Justifying an OS upgrade is a hot topic again as many companies are in the process of making the move to Windows 10 and trying to work out the cost/benefit of the change and how quickly it should happen.

Microsoft have just published a Forrester Total Economic Impact (TEI) report that is a massive help to understand the normally intangible benefits of moving to Windows 10. The TEI methodology considers aspects like security breach remediation, improved customer experience and productivity, as well as simple costs. By considering the benefits realized at a variety of different companies that have already made the move, the TEI approach should make the results relevant to a broad range of organizations. Importantly, they also include the on-going costs of maintaining Windows 10 as Microsoft have introduced their new servicing model that will require more frequent system updates in the future.

One of the issues that perhaps isn’t well covered in the report is the process of rolling out Windows 10 to large numbers of systems in hundreds of locations while also enabling the new security features in Windows 10. They consider the time required for initial planning, application testing etc. but it’s not clear they’ve factored in the effort required for scheduling migrations especially when enabling full Windows 10 security features requires a manual intervention with every machine.

This is where the 1E Window 10 Now solution fits – with its unique automation for deploying Windows 10 without the need for remote servers, converting from BIOS to UEFI automatically and refreshing end-user applications as needed. Even without those advanced features, 1E’s Nomad can greatly simplify the network infrastructure required for rolling Windows 10 out to end users while reducing hardware and personnel costs. Visit http://www.1e.com/products/windows-10-migration/ for more information.

Now, I’ll get back to my Jaguar cost justification project …

The post Windows 10 Benefits and Forrester’s TEI Report appeared first on 1E Blogs.

The recent release of NightWatchman 7.1 includes two important new features: Power Optimization and Reboot Optimization. Today let’s focus on Reboot Optimization.

Reboots have been a serious pain for both users and administrators as long as we’ve had computers. We know they’re necessary, but are too often needed when we have important work to do. There’s always the risk that unsaved data could be lost and we’ll be inconvenienced. So, we should do what we can to optimize the experience.

NightWatchman has long helped with reboots by making them safe. To safely shut down computers for power savings, NightWatchman has coordinated with applications to save unsaved document changes on shut down. When the computer is started up again, the users can choose to use the unsaved changes or go back to the pre-changed documents. Using that feature, you’ve been able to confidently force reboots as needed.

The next step is to get data on all reboots, NightWatchman-related or not. Waiting for complaints or just hoping that users are not too badly affected is not a proper strategy. With NightWatchman 7.1 you now know that data. In particular:

When are reboots happening? You expect a lot after Patch Tuesday when you enforce the reboots (or suggest them to users), but what about other times? Is your Patch Tuesday rebooting actually being completed as you believe?
How long are those reboots taking? Waiting one minute for a machine to reboot is painful enough but do you have some that are taking three, four, maybe five minutes? Longer? Those users can’t be happy, and they’re much less likely to reboot when you need them to.
You might not force reboots right after installing something that needs a reboots. These are “pending reboots.” For security updates, that means the vulnerability they’re fixing is still open. A short pending period can be reasonable, but is that what is actually occurring?
And when are those pending reboots occurring? Patch Tuesday is to be expected, but are there other times when they occur?

With this data in hand you can work with related teams, such as your Security department, to assess the actual reboot activity. Are your security goals being met? Are users being overly inconvenienced?

In some cases, you might find that certain business units or regions are having bigger issues than others. Maybe they have an application or management tool that makes unnecessary reboots more likely. Do they have computers that need improvement? Is a computer startup script or other configuration issue causing them grief?

With a proper understanding of what’s happening you can maximize security for your organization while providing the best possible user experience. A win for all! For more information, please see our Reboot Optimization whitepaper.

The post What is Reboot Optimization? appeared first on 1E Blogs.

Making a mistake at work is never a good thing. There are some jobs, however, where a mistake can be a really, really, really bad thing. Various professions spring to mind. Surgeons, for instance. Or pilots. Less obvious, but no less daunting, are the inherent risks faced by utilities maintenance crews on a daily basis. If maintenance crews accidentally hit a water main, you flood the street. If you hit a gas main – KABOOM! –say goodbye to the street altogether…

In the US, anyone planning to dig any kind of large hole can call 811 and receive the underground maps needed to safely guide the excavation. These are updated all the time, so for a utilities crew covering a large region for a utilities company, it’s extremely important (KABOOM!-level important) that they’re using the most up-to-date version.

Ideally, a utility company would have its maintenance crews download these updates on-the-go, but this is easier said than done. That’s why one of the largest natural gas utility and delivery companies in the US, relies on 1E Nomad for robust, remote content distribution.

This particular company’s maintenance crews travel with MDTs (mobile device terminals). While trucks will sometimes be found at satellite depots with network connections, more often than not they are out in the middle of nowhere, at the side of a road, digging a hole, and totally dependent on a cellular connection for communications. With those all-important updated maps equating to about 4GB worth of data, the utility company was sending CDs and DVDs to their crews to deliver the updated maps. Users would then have to manually update their MDTs, while the customer company had no way to establishing whether or not the updates had been successfully delivered.

roadside content delivery

The challenges of roadside content delivery created a scenario crying out for 1E’s Enhanced SCCM solution, Nomad. 1E Senior consultant John DeVito explains:

“The big thing that the customer wanted to accomplish was to be able to transfer the map data over the network, get validation that the content had been received from the mobile device terminals, and for the MDTs to automatically determine the most efficient method for retrieving the content. When they were on the 3G or the 4G networks, the machines would reach out to a Configuration Manager distribution point to get their content, but Nomad would throttle the bandwidth, so the data would trickle down to the machines and not over-utilize the cellular data link.”

Additionally, when a service vehicle pulled into a depot or satellite facility, Nomad enabled the data transfer to automatically switch from the cellular connection to the wireless, and to make use of Nomad’s unique peer-to-peer connection.

“Some of these satellite offices still had to go through a slower WAN link to get back to the Configuration Manager distribution point,” explains DeVito. “Ultimately, the most efficient thing would be to share peer-to-peer.”

Nomad, in short, was able to fit the customer’s needs to a ‘T’. I ask DeVito if, besides other utility companies, he could think of any other use cases this one pointed in the direction of?

“I’m just throwing this out there, but what about police departments? They all have laptops in their cars, and these laptops need to get security patches. When they’re driving around they need to have some remote connection, and when they pull into the police station it should switch over.”

Law enforcement? Sounds like another example of a high-risk profession where Nomad could make a critical difference.

The post Roadside content delivery prevents explosive results appeared first on 1E Blogs.

The recent release of NightWatchman 7.1 includes two important new features: Power Optimization and Reboot Optimization. Let’s focus on Power Optimization.

NightWatchman has long helped many organizations with power management to reduce costs and environmental impact by reliably and safely shutting off computers or putting them in a standby state when they’re not being used. That continues to be of immense value to our many customers but the world now includes a wide variety of low-power computing devices. NightWatchman 7.1 helps you to optimize them as well.

The computer industry has been amazingly innovative in recent years, releasing a cornucopia of 2-in-1’s, convertibles, tablets, and similar form factors. Like laptops and ultrabooks, they provide a great mobile battery-enabled experience. They also include a very smartphone-like experience. I suppose we should thank Apple for spurring the industry to wake up to the importance of design and new form factors.

How are these modern devices “smartphone-like”? Increased battery life is crucial, especially when the device is in standby. Some of these devices may only be used occasionally, such as at meetings, in front of the TV, on a plane, etc. So you don’t want to think about charging them every day. In fact, if you haven’t charged it for a few days, it should still be ready to go. At the same, time you don’t want to miss out on Skype calls or instant messages when it’s on standby. You need to know about those right away. And when you power it back up to check e-mail, the inbox should already be full with your latest new messages. Just like your smartphone.

Intel, Microsoft, and the device vendors have seen the need (the threat?) and have provided such functionality in those devices. They’re based on what’s called “system-on-chip,” meaning that many of the computer components are on a single chip, saving space and power requirements. The rest of the components are tightly coupled in order to provide those smartphone-like features. As you move to Windows 10, your users are also going to be keen to move to this kind of computing experience.

Great stuff, but does all this work as it should? Does it break when things change? Are you sure?

NightWatchman 7.1 gives you the answers. It collects the data from all your clients, consolidates that back at the NightWatchman server, and provides the reports you need to proactively find problems. All broken down by device model, business unit, and region.

And there’s more! How are the batteries themselves doing? Not only on these modern devices but also your laptops and ultrabooks. We know batteries don’t last forever. Do you replace the devices (or the batteries) every couple of years just to be safe? What about those devices that aren’t used in battery mode that much – that would be a waste. Do you wait until customers get so frustrated that they call the helpdesk? That’s not efficient and certainly doesn’t make for happy users.

NightWatchman 7.1 allows you to proactively watch how the batteries are holding up. Have they been discharged/recharged to the point where they’re likely bad? Do they only get a quarter of the battery life that they originally did? NightWatchman has those reports as well. Management and your finance department can budget months ahead of time for the eventual demise of the devices users depend upon.

Power Optimization is a new form of power management for your modern devices. Find out more:

The post What is Power Optimization? appeared first on 1E Blogs.

Now, I’ll get back to my Jaguar cost justification project …

The post Windows 10 Benefits and Forrester’s TEI Report appeared first on 1E Blogs.

As techies and computer managers we hear a lot of complaints from friends and family about using computers. One of the most common is the pain of reboots/restarts. Restarts seem to always be needed when we’re busy doing something, they take too long, we might lose data, and we might have some kind of problem when the system starts back up. The computer industry, and Microsoft in particular, have surely heard the same complaints. What have they done about it?

To their credit, Microsoft has actually done a LOT to minimize the pain of reboots. Restart Manager, Application Restart and Recovery, and hot-patching are among their big investments. Windows has a variety of subtler reboot features. For example, strategic placement of the reboot menu options so that users can readily find them. Attractive and friendly prompts to reboot, often including the option to schedule the reboot. Alternate means to invoke restarts, such as shutdown.exe.

Applications often try to help by listening for shutdown events and trying to shutdown gracefully if they can. Some routinely autosave data so that you don’t lose all your work if an unexpected reboot occurs. Web browsers usually record a history of web sites visited and sometimes include menu options or automatic functionality to restore previous sessions.

Intel and the computer vendors have done a lot to make the hardware reboot faster. Besides optimizing the boot sequence and hardware to speed reboots, they’ve also long supported sleep modes and hibernation as alternatives to rebooting.

That’s all great, but they aren’t new. So why do we still struggle with reboots? When you look at each of the solutions, as we’ve done in our “Improve Security by Optimizing Your Reboot Strategy” whitepaper, it turns out that there are fundamental complications that prevent some great ideas from being as effective as they might have been. And, as the title suggests, some of the fault can be our own if we have not closely considered what we can do for our organization’s reboot strategy.

Nonetheless, I’ve been disappointed to hear so little in all the Microsoft discussions about Windows 10 in relation to minimizing the pain of reboots. It seems that Microsoft has indeed given up on minimizing that pain. It might be time for all of us to remind Microsoft that more must be done.

The post Has Microsoft given up on minimizing the pain of reboots? appeared first on 1E Blogs.

A century ago commercial flight was bold and glamorous, a new industry that dared to push innovation to the limit. It was this spirit of invention that has spurred the dramatic changes and improvements to the airline industry we have experienced over the past few decades.

Today, millions of passengers rely on air transport to move from one part of the world to another, growth that has shifted the focus from innovation to safety and security as a priority.

Yet in a fast-changing industry such as aviation, innovation – and technology in particular – remains key to driving even greater safety, increased efficiency and serving a growing number of passengers better. No one understands this better than SITA, who helps airports and airlines transform air travel through the smart use of technology in every aspect of their business.

SITA draws on its decades of experience to solve the industry’s biggest challenges, often working with partners who provide unique and niche capabilities and knowledge.

1E is one of those partners helping SITA meet a small but significant challenge. In this case it is helping airlines keep their remote offices connected to the airline’s central hub while providing the most up to date end-user computing facilities.

“Airlines usually have a very small number of people at these sites, but for an airline with a huge global network these could include hundreds of locations,” says Pierre Guiol, Product Manager of End-user Computing at SITA. “These sites generally have limited bandwidth which is predominately used to support core functions such as boarding and reservations. This makes distributing software, updates and patches to an airline’s global network a real challenge. IT operations usually struggle to push out a 300 megabyte applications or updates and some airlines regularly fly out IT staff to their offices globally armed with a USB stick to provide updates.”

Using 1E’s Nomad offering, SITA is now able to offer a solution to that problem. Nomad allows bandwidth throttling, removes the competition between IT and business traffic, and its peer-to-peer delivery eliminates servers and complexity from the network. “In other words, Nomad allows airlines to use their bandwidth more wisely. Nomad is able to prioritize data while identifying periods of low usage in each location, using any spare bandwidth to dispatch updates and software digitally. That means there is now no longer any need to dispatch IT personnel to remote offices in person. Updates can be done centrally,” says Guiol.

It is a small success. But it is vital solutions such as these that help airlines transform their businesses to become smarter and more efficient. 1E is glad to be part of that transformation.

The post 1E and SITA: Helping airlines connect their global networks appeared first on 1E Blogs.

This month saw the Windows 10 Anniversary Update (version 1607) release, a significant milestone in the life of Windows 10. There was more than a little controversy in its wake, with some going so far as to recommend skipping the update altogether. The 1E Blog decided to talk to resident Windows 10 expert to learn more about the servicing model, its implications for enterprises, and whether some of the criticism it draws is warranted.

Hi Dave, what do you think are the origins are of the Windows 10 servicing model?

It’s really about being able to do quicker increments to the functionality of the operating system, that’s the way I see it. Whereas before you’d have to wait a fairly long time for a service pack to introduce new features, the idea behind this is that Microsoft can develop and release new features more rapidly and engage more of the community in the testing of those features through the Insider Program, so that corporations can actually start working with those new features in the early stages of the development.

Do you think Windows 10 really is going to be the last Microsoft operating system ‘as we know it’?

There’s nothing to suggest otherwise. Gartner has said Windows 10 is inevitable, everyone’s got to migrate to it, it’s going to be maintained by the service model now, so it will just be future versions of Windows 10. The thing is, a feature upgrade is effectively an in-place upgrade to a new operating system now.

The main implication for enterprises is that they’re going to need to think about updates more frequently than they did in the past. The reality is that any version will be supported for perhaps 18 months maximum. If you think about the very first Windows 10 version (1507) released in July 2015, it was followed up four months later with the 1511 version. Now that 1607 is out, we can expect it to go ‘Business Ready’ (aka Current Branch for Business) in about 4 months, so November/December. At that time customers still on 1507 will have just 60 days to get onto either 1511 or 1607, so the supported lifecycle of 1507 will have been July 2015 through January or February 2016 –18 or 19 months.

Why do you think Microsoft ultimately decided to limit the frequency of these updates?

Originally they were talking about a release every four months – so two to three a year, and they’ve revised that down to two updates a year. I guess it’s down to the pace of organizations being able to adopt. If they were releasing three a year that considerably reduces the lifecycle of any one of those versions. If they’re releasing more versions more rapidly, it means those older versions are going to go out of support quicker. I guess it’s just a practicality thing. From an enterprise customer point of view, there’s only a certain pace enterprises can keep up with.

An eighteen-month lifecycle for a particular version is potentially sustainable but I think organizations should consider upgrading once a year – at least once a year. That’s probably what most larger organizations will plan to do.

How can 1E Nomad help large businesses manage this necessity?

Well, one of the main concerns for a large organization that has migrated onto Windows 10 will be getting those updates out. These are very large updates. In the past, if you think about a service pack for an operating system, that might have been in the region of hundreds of megabytes, now you’re talking about effectively in-place upgrades, which is around 3 gigabytes of content you need to get out to each machine in order to deploy that: that’s a big strain on your network.

With Nomad we’re able to distribute that content around using peer-to-peer technology, so we don’t need distribution servers in every remote location. It uses a dynamic election process where a client will download the content from a remote distribution point and share that content out with its local peers.

With Nomad you haven’t got all the clients downloading it across the WAN. You don’t need infrastructure there: it’s actually being distributed in the most efficient way throughout your environment, so you can get that content out safely and quicker to your end points so they can be upgraded.

What about the complaints following the recent Anniversary Update – could Microsoft be doing more to avoid these or are such imperfections pretty much inevitable?

I think it’s inevitable. With each phase of the release cycle it’s getting better … but, as a Current Branch or ‘pilot’ release goes mainstream it’s going to hit a lot more machines, there’s inevitably going to be issues that weren’t necessarily seen, and then you get the cumulative Service Updates – security fixes and patches that come out each month. By the time it gets to the deployment or Current Branch for Business release, four months down the line, it’s been much more extensively used and a lot of those issues will have already been addressed.

The post Managing the Windows 10 Servicing Model appeared first on 1E Blogs.

NightWatchman is great at shutting down computers when they’re not needed and waking them when they are. Sometimes I wonder if WakeUp is even more popular with our customers than power management or the other NWM features. But like a parent, as product manager I try my best to focus on all my ‘children’ equally.

One thing I’ve realized is that our customers use WakeUp in an amazing number of ways. You might think that wake-on-LAN (WOL) is simply needed either to wake computers by administrators for maintenance or by users for remote access. That’s true, but there’s a lot more to it.

In particular, WakeUp can be and is used in all these ways:

By Microsoft ConfigMgr (SCCM) administrators:
- Software update deployments
- Shopping deployments
- Other deployments, including applications and operating systems
- ConfigMgr console for either collections or individual machines, possibly with a policy refresh
- Wake Nomad peers for cached content
- Nomad pre-caching
- AppClarity’s Reclaimer to quickly uninstall unused software
By NightWatchman administrators with or without ConfigMgr:
- NWM console for either groups, individual machines in the tree view, computers in query results, or any combination of such clients
- Alarm clocks (so that computers are ready to be used in the morning, for example)
- Maintenance windows (for middle-of-the-night work)
- From scripts or other custom programmed solutions for special purposes
By end-users:
- Web WakeUp for remote access to their work computer(s)
- Custom interfaces that use the Web WakeUp APIs but not its interface
By other teams:
- The Security Team for security investigations or audits is an especially good example. They’ll use whichever of the above techniques is easiest for the NWM admins but what makes this tricky is that they often want the device to then stay awake for days

So that’s 14 different ways that people use WakeUp, or even more if you distinguish the sub-scenarios (such as the four ways the NightWatchman console can send wakeups).

Which of these is most popular? Usage really does vary a lot by customer, so it’s hard to say. Waking computers for software updates is very commonly used and almost always for large numbers of computers, but it tends to be used once a week or once a month. Waking for software deployments is even more commonly used but generally not on huge numbers of computers (it depends on how many machines the deployments apply to). Each of the scenarios above is important to at least a subset of our customers, so we take them all seriously.

And that’s not all. Integrating WakeUp better with new and existing 1E solutions can make those solutions even more effective. And we know new scenarios will become important as technology advances. For example, wake-on-voice or wake-on-presence will become significant as we get used to our devices being ever more intuitive. The NightWatchman engineering team and I have a lot of plans for WakeUp.

I encourage you to review the list above and consider whether you help your organization even more by using WakeUp in even more ways.

The post Why Do We Wake Computers? appeared first on 1E Blogs.

When it comes to software vendor audits, most people rattle off the likes of IBM, Microsoft, Oracle or SAP. Rarely do people mention Attachmate audits. However, when the Attachmate name comes up, you tend to hear how aggressive they are when it comes to enforcing their license terms and conditions.

First, a bit about Attachmate. Attachmate* is part of Micro Focus, a UK-based organization. Attachmate grew by many acquisitions, most notably WRQ, NetIQ, and Novell. Given that Attachmate did not grow organically, but through acquisition, their licensing records tend to be incomplete – and even when provided – may not provide the organization an accurate picture of all entitlements.

Based on personal involvement with several organizations undergoing an Attachmate audit, there are three key things I have learned and want to share with software asset managers.

The timing of Attachmate audits

Similar to other vendors, Attachmate conducts audits on selected customers every two years. I have seen Attachmate audit the same customer every two years. As I have written before, the audit frequency only changes when Attachmate does not get the financial return they expected. Alternatively, I have been informed that Attachmate will sometimes wait to audit a customer until the fines and penalties add up to make their audit pursuit worthwhile (see item two).

Attachmate remuneration

I’ve come from the vendor side of the equation – developing the audit letter, conducting audits and helping vendors mature their programs. Vendors deserve to be paid for their products and services. However, Attachmate seems to take more to their wallet than other vendors. In addition to collecting (at list price) the alleged unlicensed software identified by Attachmate, they also attempt to collect lost interest (at 18%) and maintenance fees for any software believed to be unlicensed. I have seen Attachmate basing their demand not on install date of the unlicensed software, but based on when Attachmate released that software to the general public! This may mean that the Attachmate demand may go back far longer in time than when the software was installed.

Accurate data

All of this calls for the need for accurate data, not just of the installed Attachmate software, but entitlement records for Attachmate (and WRQ, NetIQ, Novell).

Recommendation on installed software: Attachmate products like Reflection (terminal emulation) tend to be forgotten about since they are speaking to legacy systems – things not front and center on most IT agendas. However, given the propensity for Attachmate’s aggressive audit posture, those organizations with Micro Focus Attachmate would be wise to include Attachmate (Micro Focus) when rattling off vendors who audit, and ensure an up-to-date inventory of installed software.
Recommendation on entitlements: Given that Micro Focus is so acquisitive, it is important to keep your records of all licensing focused communications, contracts, and entitlements. Keeping entitlement records is a natural extension of the SAM manager – but a record of licensing focused communications may not be. I have seen situations where organizations have gotten support from Attachmate to fix a particular problem – only to have Attachmate at a later time say that support fix was not part of the license (due presumably to the absence of documentation). I am not saying Attachmate does this intentionally, but given the M&A activity, it’s best you keep your records and refer to them when necessary. Finally, the SAM manager needs to let Attachmate know of your organizations M&A activity – companies you may have acquired to help ensure your entitlement records match to what Attachmate provides.
Unused Attachmate software: It is critical that the SAM manager, who may be preparing for an Attachmate true-up, review and remove unused Attachmate software as part of business as usual – well before the audit. This automated Reclaim process is something 1E recommends for all desktop software. However, it is not so simple as just removing the software. The asset manager must look for remnant files and registry entries left from the removal and ensure those too are removed. For some Attachmate titles, I recommend doing a clean install with full logging, and a standard uninstall and then searching for remaining files – and then removing them too. A script can be created from this process, and execution of that script can be automated using AppClarity.

From the feedback received from one of my previous blogs about Adobe ending its audit program, and frankly, the excitement about that news, SAM Managers should see this as a cautionary tale not to get too comfortable; there has yet to be a wholesale change in vendor audit tactics.

Bottom Line: 1E has worked with various organizations helping them defend against Attachmate audits. Through those audits, we have learned that it takes solid data as described above to beat Attachmate at their own game. We can provide the insight necessary to help you achieve a finding a more favorable outcome for you. We typically assist the organizations we work with to close out audits spending 80% less than Attachment’s original audit report findings.

*Note: Just before publishing this, I found the following text on Micro Focus’ annual report: “We have simplified our branding such that we are now using the Micro Focus and SUSE brands and have broadly “retired” the Novell, Attachmate, NetIQ and Borland brand names.”

The post Beating Attachmate Audits with Defendable Data appeared first on 1E Blogs.

1E Nomad has long provided invaluable assistance to customers with particular content requirements: major banks looking to regularly update tens of thousands of cash machines in a single swoop; oil companies that need to get critical data out to ships and rigs; airlines with far flung offices who want to be able to update their remote sites without having to send an IT employee to the other side of the world clutching a USB stick. With its power to supercharge Microsoft System Center Configuration Manager, and ensure efficient, controlled content distribution without network disruption, Nomad is already a crucial tool for hundreds of renowned global companies.

1E, however, is convinced that the number of businesses that could get real, significant value out of Nomad is set to escalate in the coming years. To reflect this vision, the latest Nomad 6.1, is the most efficient, secure, user-friendly version yet.

We live and work in an age of data proliferation. What company today doesn’t find itself increasingly in the business of handling and distributing data, whether as a way to better understand and serve its customer base, or simply to ensure that all of its employees can access the most secure, up-to-date tools and services?

Take, as a familiar example, Windows 10. First of all, there is the issue of migration. We’ve covered this pretty extensively here, but it bears repeating that, if your business’s machines are currently running Windows 7, then your Windows 10 migration could yet prove expensive and time consuming. A secure Windows 10 environment requires your switching all those machines from BIOS mode to UEFI: Nomad 6.1 is the only solution that allows you to achieve this in a completely automated way.

Besides the conspicuous challenge of migrating to the new operating system, Windows 10 comes with a new servicing model that means most enterprises will be effectively embarking on OS upgrades on an annual and even biannual basis. Windows 10 patching alone presents a unique challenge to infrastructure.

“Microsoft is changing the patching model now,” explains 1E’s Simon Burbidge, Nomad product manager. “Whereas we could previously download individual patches that are relatively small now they’re going to be lumped together, and the way that management tools will request patches will be different.”

The challenges increasingly faced in modern retail are also significant. If we think about the technological dependency of shops today – from basic logistics to customer experience – these stores are dependent on their IT systems. Rolling out operating systems, applications or critical updates to those in-store computers may require a server to act as a distribution point or other SCCM role. If that server goes down or needs a hardware or software update before deploying the important content then, at best, the whole process will be delayed.

Nomad, of course, already eliminates the need for remote servers. Its peer-to-peer technology makes them redundant. This also gives IT the added peace of mind of never having to worry about whether a server has sufficient disk space to receive the updates. Windows 10 just makes Nomad more relevant to more businesses than ever before.

Nomad 6.1, though, further underscores this peace of mind with new security features. Configuration Manager, when you think of it, is one of the most powerful pieces of equipment in an enterprise’s entire IT infrastructure. It can literally do – and distribute – anything it wants to your machines. And with increasing quantities of content being distributed across that network, businesses will want to know exactly what it is their machines are sending and downloading. Also, they will want to safeguard that data as it traverses the network.

Nomad 6.1 is the only product on the market that lets you compress, encrypt, and sign content sent out via Configuration Manager.

“What we wanted these new security features to do is to provide a lightweight solution in terms of encrypting sensitive data, so you can set it on a per package basis,” Burbridge explains. “There’s data proliferation going on continually. Large amounts of data that needs to get moved around organisations, from different types of sources, different operating systems, devices, managements platforms, different types of data sources. We’re positioning ourselves to being able to provide Nomad as a pluggable solution for that, and being able to do what Nomad does, which is be very efficient in terms of how you get the data and distribute that to your end points.”

Nomad 6.1 takes 1E closer than ever to this fulfilling this vision.

Click here to read the full list of new Nomad 6.1 features.

The post 1E Launches Nomad 6.1 with Unique Windows 10 Deployment Automation appeared first on 1E Blogs.

The application shopping experience has become as natural as shopping for clothes or food for most people with a smartphone. Even within enterprises, we are seeing the rapid adoption of internal “app stores” to allow staff to select the apps they need for their work and have them delivered and installed without any intervention from IT.

1E Shopping provides the leading solution for businesses to provide their own, branded and customized enterprise application store and the new release, Shopping 5.3.100, furthers the 1E innovation in this growing area.

Besides on-going maintenance, this release also includes:

Improved Application mapping

Shopping now leverages our new, powerful and comprehensive software and hardware catalog and therefore can differentiate between key attributes of a software title be that edition, multi-part version or colloquial version. For example – one can define different application migration rules for different versions or different editions of the same application – for e.g. Winzip Pro 10.1.2.300 and Winzip Pro 10.1.3.423.

This enhances our application mapping capabilities that allow:

Shopping to extract important inventory information from AppClarity 5.1 (1E’s Software Asset Management product) for improved collaboration between the tools.
Configuration of rules that decide whether an application be retained, upgraded or replaced as part of a operating system deployment (for example rolling out Windows 10).

Complete 508 standards compliance

A lot of Shopping is about the end-user – to engage users in a manner that lets them interact with the portal in the most interactive and intuitive manner.

I am pleased to say that the Shopping Web portal is completely compliant with the requirements of Section 508 of the Rehabilitation Act so that all users, regardless of disability status, can access the enterprise application store.

If you’re new to our enterprise app store and want to learn more about how you can benefit from these features, contact one of our experts.

The post Announcing New Features in Shopping 5.3.100 appeared first on 1E Blogs.

Global enterprise software waste today stands at 38%, totaling $28 billion of waste in the US alone, or $247 per user, according to a free, new downloadable study published today by 1E.

Drawing on exclusive data spanning five years, and covering 149 companies, 16 industries and 4.6 million users, the Software Usage and Waste Report 2016 provides unique insight into the enterprise desktop. software waste

The report defines waste as a piece of software that has been deployed to a desktop but not used.

The report found that, of the 35 leading applications examined, the following were most prone to waste:

TechSmith Camtasia Studio (waste: 67%)
SAP Crystal Reports (63%)
Adobe InDesign (55%)
Adobe Dreamweaver (55%)
Microsoft Visio (47%)
Adobe Illustrator (47%)
Microsoft Project Professional (46%)
Adobe Photoshop (42%)
Helios TextPad (40%)
Corel WinZip (34%).

“There is huge evidence of software waste across all sectors,” says Buffi Neal, co-author of the report. “The inability of organizations to reduce average waste levels suggests that they remain unaware of the underlying cost-saving opportunities.”

The Software Usage and Waste Report shines a light on what those applications with very high deployment and waste levels cost businesses. For example, Project Professional alone is calculated to be costing the average business of 30,000 machines $381,840.

The new study also analyzes software efficiency by industry. Of the 16 global industries defined, government (28%) boasts the lowest waste, while aviation (47%) and education (47%) have the highest.

“All industries have a need for specialized software,” comments report co-author Peter Beruk. “An accounting firm will have the need for accounting software, while an engineering firm will have a greater need for CAD software. The Software Usage and Waste Report will allow the SAM manager to recognize those applications most unused within their business immediately and develop a remediation plan.”

The 1E Software Usage and Waste Report coincides with the release of 1E’s new Software Intelligence tool, which offers businesses a free snapshot of their own application usage.

The post New 1E report reveals US software waste at $28 billion appeared first on 1E Blogs.

So, let’s face it: every business goes through change. They need to evolve to generate new opportunities and react to new threats, and as part of that process, in a general sense, information technology always has to facilitate some part of this change or deal with the effects of this change, even if it was unintended or undesired.

When I look at these changes, I think they can fit it into three broad categories:

Benign Changes
These are planned changes that have been actioned and have been applied as envisaged and which have not had any adverse effects or outcomes.

Malignant Changes
These can come in two forms:

First, there are planned changes that are applied and lead to an unintended adverse effect or outcome. Sometimes this can simply be due to a lack of testing or the issue not manifesting itself during the testing phase. This is not that unusual when we consider the sheer complexity and interdependence that exists within modern IT environments.

The second type of malignant change is quite simply the wrong action or change being applied which was unintentional. This could be operational errors or simply pressing the wrong button.

Malicious Changes
Again there can be two broad forms of malicious changes:

First, something or someone from the outside is making changes, meaning they were able to ingress into the environment and are making changes with malicious intent.

Secondly, someone in your organization making changes with malicious intent.

Introducing Tachyon
You may have noticed that here at 1E we’ve launched a new product called Tachyon. Tachyon enables organizations to deal with this change and the adverse effects of change. Let’s see how Tachyon helps you deal with these different types of changes.

Benign changes
When benign changes occur, there is no real detrimental effect. However, sometimes from a business perspective, these changes can take too long to deliver. There can be a number of factors as to why this happens. It could be limitations in the toolsets available to the team responsible for delivering the change, it could a lack of skills or knowledge to deliver the change in question, or it could be the sheer complexity of the IT environment that is responsible for holding up the change.

With Tachyon, you are able to hold a conversation with all endpoints in the environment. You can ask them questions, and perform remediation actions in real time. This means making changes is no longer the challenge it once was. Obviously, this is very powerful functionality, so by default, all changes require a second person to authorize the change. Tachyon was designed to be very resource efficient and highly scalable and can manage estates of over 1 million endpoints. With Tachyon you really benefit from its awesome speed.

What about malignant change? How can Tachyon help? When we think about introducing a significant change in the environment, this often involves a lot of work and preparation. But, despite all the preparation, something unexpected or undesirable happens when the change goes live. What can you do? You are faced with two choices: firstly, you can revert to your back out plan (if you have one), but this can sometimes be as complicated and disruptive as the original change itself. Alternatively, you can try to remediate (or at least put some mitigation in place).

This is where Tachyon excels with the ability to start a conversation and ask questions with all your machines in real time. It can help you identify which systems already have the change and it can help filter into the data to see if there are common factors there. Once identified, the issue or the machines with the issue can be targeted with Tachyon with whichever course of appropriate remedial action you have chosen.

This ability as described above is just as applicable in any situation where changes or errors have been introduced by accident.

Lastly, there is the malicious change. As we all know, software is becoming more and more complex. And despite real efforts around quality control, software is still released with security vulnerabilities. When these security vulnerabilities become public knowledge through information sources such as the USA’s NIST (National Institute of Standards and Technology) vulnerability database or through the software vendors own security notification mechanisms, you can use Tachyon to ask every endpoint in real time whether they have that version of Software installed. You can then ascertain your exposure and use Tachyon or your policy based client management tools to update these systems.

If the vulnerability already has a known active exploit, there is most likely information in the public domain as to the attack vector and the data wake left by the exploit. This information is what the industry calls an indicator of compromise (IOC). Again, with Tachyon, you can ask questions of all the devices to see if they have these IOCs exist. If so, you can use Tachyon to make changes to immediately stop the exploit. This might involve actions like adding local firewall rules, killing processes, changing registry values, or deleting files. The list is truly endless.

The investigation and remediation as described above are just as applicable to situations where changes have been introduced intentionally by someone internal to the organization. In fact, with Tachyon, you can record events and behaviors over time to provide a historical perspective of what has happened on the endpoint over time. This ability to provide forensic data about key events on an endpoint can really help to speed up an investigation. Imagine being able to ask, every endpoint when they first became infected by a malicious executable.

Thanks for taking the time to read this post. Hopefully, it gives you some valuable insights about the capabilities of Tachyon and highlights why you should seriously consider using Tachyon to reduce the time it takes you to manage those activities related to change.

Want to write for 1E? We’ve made it easy to be a part of a quickly growing environment fostering the ideas and expertise of Microsoft MVPs. Our exciting program offers incentives for the post that does the best. Not an MVP? You can still apply to write for us here. We can’t wait to hear what you’ve got to say!

The post Fear change? (Tachyon is here) appeared first on 1E Enterprise Software Lifecycle Automation.