Accelerating Your Distributed Environment with LANDesk Systems Management



Similar documents
Resolving the Top Three Patch Management Challenges

LANDesk Management Suite 8.7 Extended Device Discovery

OS Deployment and Migration

Software Distribution

Steelcape Product Overview and Functional Description

Accelerate Private Clouds with an Optimized Network

Managing Mobile Devices Over Cellular Data Networks

LANDesk White Paper. LANDesk Management Suite for Lenovo Secure Managed Client

Software License Monitoring

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Technical Brief. DualNet with Teaming Advanced Networking. October 2006 TB _v02

CISCO WIDE AREA APPLICATION SERVICES (WAAS) OPTIMIZATIONS FOR EMC AVAMAR

Proven LANDesk Solutions

SiteCelerate white paper

Windows Server on WAAS: Reduce Branch-Office Cost and Complexity with WAN Optimization and Secure, Reliable Local IT Services

Cisco WAAS Express. Product Overview. Cisco WAAS Express Benefits. The Cisco WAAS Express Advantage

Real World Considerations for Implementing Desktop Virtualization

Cisco Application Networking for IBM WebSphere

Top 10 Reasons Enterprises are Moving Security to the Cloud

Optimizing VMware View VDI Deployments with F5

A TECHNICAL REVIEW OF CACHING TECHNOLOGIES

Mesh VPN Link Sharing (MVLS) Solutions

Real World Considerations for Implementing Desktop Virtualization

Cisco Application Networking for Citrix Presentation Server

Cisco Wide Area Application Services Software Version 4.1: Consolidate File and Print Servers

Site2Site VPN Optimization Solutions

New Value for Managed Service Providers: Extending Out of Band Remote Management to Servers

ALTIRIS Deployment Solution 6.8 PXE Overview

Overcoming the Performance Limitations of Conventional SSL VPN April 26, 2006

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

GlobalSCAPE Wide Area File Services

Print Audit Facilities Manager Technical Overview

Wyse Device Manager TM

Tech Brief Q&A: Implementing Endpoint Security in 9.6 SP 2. Presented by Martin Gannon June 21, 2015

Achieve Deeper Network Security

RemoteApp Publishing on AWS

Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms

LANDesk Patch Manager. Strategic and Tactical Implementation Guide

Kaseya IT Automation Framework

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Solution Recipe: Remote PC Management Made Simple with Intel vpro Technology and Intel Active Management Technology

Directory Integration in LANDesk Management Suite

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

Virtualization Support - Real Backups of Virtual Environments

Course Syllabus. Fundamentals of Windows Server 2008 Network and Applications Infrastructure. Key Data. Audience. Prerequisites. At Course Completion

Overcoming Security Challenges to Virtualize Internet-facing Applications

Mobile Network Access Control

Tips and Best Practices for Managing a Private Cloud

Definition. A Historical Example

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

An Oracle White Paper June Oracle Linux Management with Oracle Enterprise Manager 12c

Windows Server 2012 R2 VDI - Virtual Desktop Infrastructure. Ori Husyt Agile IT Consulting Team Manager orih@agileit.co.il

Big data management with IBM General Parallel File System

Addressing Microsoft Windows 7 Deployments with VMware Mirage WHITE PAPER

Getting More Performance and Efficiency in the Application Delivery Network

ORACLE OPS CENTER: PROVISIONING AND PATCH AUTOMATION PACK

Load Balancing for Microsoft Office Communication Server 2007 Release 2

Flexible Routing and Load Control on Back-End Servers. Controlling the Request Load and Quality of Service

Distributed Software Development with Perforce Perforce Consulting Guide

PAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ

CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE

Eliminating the Need for WAN Acceleration Using the Cloud

Dell One Identity Cloud Access Manager How to Configure for High Availability

8000 Intelligent Network Manager

Asset Discovery with Symantec Control Compliance Suite

IP Multicast Backgrounder An IP Multicast Initiative White Paper

Cisco Application Networking for BEA WebLogic

Eliminating the Need for WAN Acceleration Using the Cloud

How To Use Shareplex

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3

Real-World Scale for Mobile IT: Nine Core Performance Requirements

IP SAN Best Practices

Enterprise Data Protection

VXLAN: Scaling Data Center Capacity. White Paper

SolarWinds Scalability Engine Guidelines for SolarWinds Products Technical Reference

Managing Security Risks in Modern IT Networks

Veeam Cloud Connect. Version 8.0. Administrator Guide

IBM. Vulnerability scanning and best practices

White Paper. McAfee Multi-Link. Always-on connectivity with significant savings

SECURE WEB GATEWAY DEPLOYMENT METHODOLOGIES

VPN. Date: 4/15/2004 By: Heena Patel

Stateful Inspection Technology

Accelerating High-Speed Networking with Intel I/O Acceleration Technology

FatPipe Networks

How To Get A Client Side Virtualization Solution For Your Financial Services Business

Ranch Networks for Hosted Data Centers

Software-Defined Networks Powered by VellOS

ALTIRIS Software Delivery Solution for Windows 6.1 SP3 Product Guide

The Definitive Guide to Cloud Acceleration

F5 and Oracle Database Solution Guide. Solutions to optimize the network for database operations, replication, scalability, and security

System Services. Engagent System Services 2.06

Detecting rogue systems

WAN OPTIMIZATION FOR MICROSOFT SHAREPOINT BPOS

Solving I/O Bottlenecks to Enable Superior Cloud Efficiency

PANO MANAGER CONNECTOR FOR SCVMM& HYPER-V

Private Cloud Solutions Virtual Onsite Data Center

Disaster Recovery for Oracle Database

Transcription:

LANDesk Technical White Paper Accelerating Your Distributed Environment with LANDesk Systems Management Technical White Paper

Visit www.landesk.com for more information. To the maximum extent permitted under applicable law, LANDesk assumes no liability whatsoever, and disclaims any express or implied warranty, relating to the sale and/or use of LANDesk products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right, without limiting the rights under copyright. LANDesk retains the right to make changes to this document or related product specifications and descriptions, at any time, without notice. LANDesk makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document nor does it make a commitment to update the information contained herein. For the most current product information, please visit www.landesk.com. Copyright 2012, LANDesk Software, Inc. and its affiliates. All rights reserved. LANDesk and its logos are registered trademarks or trademarks of LANDesk Software, Inc. and its affiliates in the United States and/or other countries. Other brands and names may be claimed as the property of others. LSI-1088 04/12 BT-FS/AS/AZUU

Contents Client Management in Today s Distributed Enterprise...4 The Traditional Approach to Management Communication: Unicast Data Transfer...4 The Subprime Sides of Subnet Staging...5 An Agile, Lightweight Alternative...5 Automating Discovery and Asset Inventory...6 Automating Software, Patch, and Operating System Distribution...6 Push Distribution: Targeted Multicast...6 Pull Distribution: Peer Download...7 Operation System Distribution: PXE Prozy...7 Automating Mobile Systems Management...7 The LANDesk Cloud Services Appliance...8 A More Manageable Solution for Distributed Client Management...8 www.landesk.com 3

Client Management in Today s Distributed Enterprise Distributed computing is one the most significant business enablers of the late 20th century. By connecting personal computers into local area networks and linking those subnets into an enterprise network fabric, companies have accelerated communications, strengthened collaboration, shared business intelligence, improved responsiveness, and placed a growing list of innovative business services at their employees fingertips. To avoid contention on sensitive links, most management solution vendors long ago adopted a unicast approach to intermachine communication. Messages flow in a single packet stream from one transmitting machine to one receiving machine at a time, using the unicast feature of the Routing Information Protocol in the TCP/IP stack. Unicast transmission avoids the congestion that can occur when multicast (one-to-many) or broadcast (one-to-all) communications hit an oversubscribed network link. But they do so by creating many separate and largely redundant message streams. Today s enterprise environments link corporate headquarters and data centers to divisional business centers, manufacturing facilities, distribution centers, call centers, branch offices, retail locations, and a constellation of mobile and home office users, all of them bound together by a fabric of LANs, WAN links, and VPN tunnels through public networks. The site count can easily run into the hundreds or thousands and span a country, a continent, or the globe. To manage the users and client systems spread out across the distributed enterprise, IT organizations have built out overlay environments of their own. But increasingly these two environments seem to be on opposite evolutionary paths. As the production infrastructure gets faster, more agile, affordable, and responsive, the management infrastructure gets slower, more cumbersome, expensive, and restrictive. To understand why this is so and why it doesn t need to be requires some historical perspective. The Traditional Approach to Management Communication: Unicast Data Transfer IT organizations need to be able to execute a variety of client management and security tasks remotely over the network. Common examples include system discovery, software inventory and license management, remote control and configuration, security software updates, patch management, and software distribution. Because distant sites are typically connected by high-cost WAN links or low-speed VPNs, management communication must yield priority to core business traffic. A model of a distributed network that requires additional expenses in hardware, software licenses, and security for each remote location or user. Most management systems require additional hardware, software licenses, and IT resources to manage remote sites. This approach is problematic when a large volume of data an application package, for instance must be delivered to many client machines at multiple sites. Distributing a new release of Microsoft Office might mean moving a one-gigabyte package to a thousand target systems a full terabyte of network traffic for a single job. To avoid clogging inter-site network links with redundant data, most unicast management solutions have adopted a staging server strategy. A dedicated server at each business location or major subnet acts as a local target for management communications. Handling inter-site downloads and local distribution, they eliminate redundant traffic over busy WAN links. Microsoft System Center Configuration Manager (SCCM) is one of the many solutions that take this conventional approach to management infrastructure. The Subprime Sides of Subnet Staging But placing a dedicated server on every subnet creates a significant new infrastructure layer whose only purpose is managing other systems. Each new management server adds its own increment of capital expense and administrative overhead, and in large environments the total number of management nodes can run into the hundreds. In addition to the server hardware, each management node needs an operating system, security and other standard software components, and often a back-up system all of which must be monitored, managed, and maintained. 4 www.landesk.com

This dedicated infrastructure also creates a great deal of network traffic simply to synchronize and coordinate its own activities. Most nodes are configured to periodically poll the central management system for scheduled tasks. Setting the polling interval too frequently creates a very chatty network with a high level of background management communication. Setting it too infrequently raises the risk of delaying an urgent but unscheduled project perhaps an antivirus update. In short, any distributed management infrastructure based on unicast data transfer and a dedicated tier of subnet staging servers locks in high levels of capital and operating expense, and requires potentially unacceptable tradeoffs between network efficiency and operational agility. Its structural handicaps impose an operational or financial penalty on every type of management task. Furthermore, it affords no support for mobile or home office users that lack a dedicated connection into the enterprise network. As a result, many organizations are actively seeking a more efficient, scalable, and flexible alternative. An Agile, Lightweight Alternative Until 2001, LANDesk also relied on a unicast-local server infrastructure, until a Fortune 100 customer requested a more responsive alternative. In response, LANDesk engineers developed the Targeted Multicast Peer Download model that provides the communications infrastructure for today s LANDesk Management Suite the Light Infrastructure. The LANDesk Light Infrastructure has just four key components: A core communications server A SQL database The LANDesk software agent the same lightweight agent deployed on all managed systems A LANDesk Cloud Services Appliance At each site and on each subnet, one client is dynamically elected to function as the subnet representative for a pending management task based on currently available resources. The elected system s LANDesk agent then temporarily assumes the functions of a local management server. Data transfer is unicast once across the high-traffic WAN connection, then multicast within each subnet. If the subnet representative becomes unavailable, then another is dynamically elected, which also provides fault tolerance. Requires no site servers, back-up servers, server licenses, or IT management associated with a traditional network management infrastructure. This lightweight and economical approach is made possible by the flexible architecture of the LANDesk software agent, which uses a wrapper service to call up only those executables and services required for a specified task. Once that task is complete, all expendable code is unloaded from memory and consumes no further resources. The LANDesk Light Infrastructure delivers a wide range of capital savings and operational benefits relative to traditional management infrastructure. By using available systems and resources for administrative communication and software distribution, it eliminates the need for dedicated staging servers, yet it will efficiently leverage existing infrastructure. It reduces network traffic, frees up bandwidth for core business traffic, dramatically improves software distribution performance, and provides built-in fault tolerance and load balancing. Perhaps most importantly, it eliminates the need for complex infrastructure to handle routine management tasks. www.landesk.com 5

Gartner: LANDesk in Client Management Leaders Quadrant Gartner Inc. s January 31 Magic Quadrant Report for Client Management Tools placed LANDesk firmly in the leaders quadrant. The report notes that: LANDesk has one of the most complete products in terms of overall functionality. LANDesk Targeted Multicast Peer Download enables administrators to distribute applications using a peer-to-peer model at subnets. LANDesk customers have fewer remote package servers than customers using competitive products. LANDesk Security Suite and LANDesk Service Desk are well-integrated with LANDesk Management Suite. Push Distribution: Targeted Multicast Automating Discovery and Asset Inventory The LANDesk Light Infrastructure provides LANDesk Management Suite with extraordinarily granular client discovery and inventory capabilities, regardless of where those systems are located, even when they are unmanaged and have a firewall enabled. Extended Device Discovery (XDD) leverages the LANDesk software agent on managed devices to listen for Address Resolution Protocol broadcasts that occur when clients connect to the network. Agents use the ARP broadcasts to associate TCP/IP and MAC addresses and identify new arrivals on the network. New clients are checked for the presence of a LANDesk agent, and unmanaged systems are reported to the core server. The result is a highly accurate and up-to-date inventory that quickly identifies unmanaged machines, anywhere on the network. In addition, LANDesk inventory scans are designed so that only discovered changes are recorded and transferred over the network. Because subsequent inventory reports are usually less than a kilobyte, frequent scans can be scheduled to efficiently maintain a high degree of accuracy and currency. Automating Software, Patch and Operating System Distribution There are two types of distribution processes: a push process typically initiated by an administrator, and a pull process triggered by an end user. Let s look at how each process executes within a LANDesk Light Infrastructure. LANDesk uses unicast across the WAN to reduce traffic on slower connections. Any machine with the right resources can be elected dynamically as the subnet representative, which acts like a site server to distribute software, patches, and other updates via multicast on the subnet. When an IT administrator prepares a large-scale distribution, the core server begins by building a list of target systems at each site and subnet, based on the most recent asset inventory, or a fresh one if desired. A subnet representative is elected for each network segment. All machines on the subnet are eligible. Each subnet representative downloads the distribution package from the core server via HTTP, simultaneously loading it into local cache and multicasting it to all the other target systems on the subnet, which also load it into cache. Once all downloads and local multicasts are complete, and all target systems have the distribution package in cache, the core server sends an execution command via TCP request to install the package. If a subnet representative disconnects during download, the core server immediately repeats the election process and resumes the download. Because all target systems on the subnet will have the partial download in cache, only an average of 100 kilobytes must be retransmitted to synchronize the transfer. If a target machine powers down or disconnects before caching the entire download, the LANDesk agent will automatically request the balance of the package from peer systems upon reconnection to any enterprise network segment. 6 www.landesk.com

When the process is complete, all target systems will have received the distribution package, which will have been transmitted across each WAN segment only once, without the need for dedicated staging systems at any site or on any subnet. Pull Distribution: Peer Download When an end user system at a remote site needs an application or an update, its LANDesk agent will initiate a pull distribution, which it begins by checking its own cache for the required package. If it doesn t find the necessary package in cache, the agent polls other client systems on its subnet. If another system has the package, the two agents will arrange and execute a peer download. If no local peers have the necessary package and a preferred server is present on the LAN, the client will request the package from the preferred server. If there is no preferred server on site, the client agent will request the package from a core management server, which will deliver it across the WAN. Once the package has been delivered, cached, and installed by the requesting agent, that client system becomes the local source for all future deliveries at that site. With LANDesk Light Infrastructure, it doesn t matter whether a software distribution is initially accomplished by a push or pull process. No package should have to be moved across a WAN link more than once. Any device that is offline or disconnected can make a request when reconnected to the network for updates and receive them via a peer, designated server, or as a last resort from a source server from a central location. Operating System Distribution: PXE Proxy Operating system distribution is supported by using one client system on each subnet as a PXE proxy. The LANDesk agent detects a bare metal boot on the subnet and contacts the core server for boot menu instructions. This eliminates the need for a dedicated OSD server at each location or subnet. With the LANDesk Light Infrastructure, software distribution is dramatically faster, more flexible, reliable, fault-tolerant, and efficient than any process based on unicast transfer and dedicated staging servers, whether the task at hand is an application update, patch management, or new operating system image delivery. Lighten Your Management Load by Hundreds of Nodes A large organization with tens or hundreds of locations and a dual-node staging system at each of those locations can dramatically reduce the capital and administrative burdens of its IT management infrastructure and improve management efficiency by replacing those dedicated assets with the LANDesk Light Infrastructure. One Fortune 100 customer recently reduced its management server fleet from 226 machines to 22, with half of those in core applications. After the transition, the firm s IT organization was able to confirm the application of a critical patch to 97 percent of more than 100,000 global client systems within 48 hours of the patch s release. Automating Mobile Systems Management There s no kind way to say this: Mobile workers the fastest growing category of computer users are high maintenance. They require a disproportionate amount of support compared to desktop users. To further complicate matters, mobile workers are increasingly bringing their own devices to work (BYOD), working non-traditional hours, and using multiple devices per day a desktop or notebook at work, a tablet at home, and a smartphone everywhere else. The line between people s work lives and personal lives continues to blur, as their growing number of devices share both personal and business content. Today s IT organization has no choice but to support mobile users and their devices, to help them stay safe, secure, and productive. The LANDesk Light Infrastructure makes it plug-and-play easy. www.landesk.com 7

The LANDesk Cloud Services Appliance The LANDesk Cloud Services Appliance extends the simplicity, affordability, scalability, and flexibility of the LANDesk Light Infrastructure to every mobile user, making them easy to manage and support without dedicated servers, VPNs, or leased lines. The appliance acts as an intermediary for the core management server and remote clients. Essentially, it brokers a secure socket-layer connection between the managed system and the back-end LANDesk core server. A certificate issued by the core server secures a pipeline and establishes a trusted relationship, and all data is SSL encoded. Management agents on remote systems authenticate to the core server, authorizing them to communicate with its management services by way of the appliance. In this arrangement, client systems access only the core server, not the corporate network. No ports are opened in the corporate firewall, eliminating a potentially serious vulnerability. A More Manageable Solution for Distributed Client Management Managing client systems in today s diverse and distributed enterprise environments is inherently complex, but traditional approaches to communications infrastructure and data transfer add high burdens of cost, complexity, and latency that are no longer necessary. When considering the functional claims of management solution vendors, customers should carefully evaluate the underlying communication infrastructure for requirements that may inflate the deployment hardware budget or overload the network backbone. Then consider the efficiency, economy, reliability, and performance of the LANDesk Light Infrastructure, and make a fully informed selection. For more information on the LANDesk Management Suite solution and the technology behind LANDesk Light Infrastructure, please visit www.landesk.com or email us at sales@landesk.com. Enables you to manage and secure remote users outside the firewall without the overhead of a VPN. Once again, a dramatic simplification in management infrastructure is made possible by the LANDesk management agent, which recognizes the nature of the available network connections on boot-up and tracks them over time. When no corporate network service is available, the agent can be configured to seek an HTTPS connection automatically with the Cloud Services Appliance. Once connected and authenticated, the client delivers an inventory report and queries the core server for pending management tasks. With the LANDesk Cloud Services Appliance, IT organizations can extend management services to remote and mobile client systems simply by adding a single appliance to their environments. Any client with an Internet connection can be administered securely and reliably, even behind a firewall. 8 www.landesk.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information