Automated Software Deployment

Microsoft Tools and Software Deployment

For Windows networks, an alternative approach is to use Microsoft's Systems Management Server (SMS) 2.0, which has both inventory and deployment functions. SMS normally requires a dedicated server and is less expensive and quicker to install than a management framework. SMS was the route taken by Los Alamos National Laboratory (www.lanl.gov). In addition to having two of the world's eight fastest supercomputers for modeling nuclear reactions , the laboratory also has 11,000 desktops. Although it needed to ensure its security functions were top notch , labor requirements made this prohibitive. The laboratory's Information Architecture (IA) team for desktop systems calculated that, even if only one updated virus definition, a single operating system patch, and one browser patch were installed each month, it would take 87 staff working full time (at an average of 19 updates per person per day) to manually keep up with the changes. The IA team simply did not have the personnel to do this, so they decided to investigate enterprisewide desktop management (DM) systems. After evaluating several DM products, they piloted Microsoft's SMS and then rolled it out to five sites serving more than 1500 desktops. In a nine-month period, the SMS team produced and distributed over 70 software packages with a total technical resource investment of 210 person-days. To do the same job manually would have required 5530 person-days.

Implementing a DM system, however, involved significant startup costs including buying a server and paying for all the software licenses, as well as hiring the tech personnel. For a 150- user group , these costs came to $272,541, or $1,817 per client. The IA team discovered , however, that as they rolled out SMS across a larger and larger portion of its overall organization, more attractive economies of scale come into play that eventually brought the cost per client down to less than $200. SMS goes way beyond software deployment, into the areas of remote desktop support and network management. This added functionality, however, also means added complexity for deployment and administration. SMS is not something one can take out of the box, load, and put to use. So, before deploying it, an enterprise must make sure it has available IT resources with the experience to cope with it.

Site Licensing/Tracking Software

The above approaches are comprehensive solutions, but can be overkill — too complex or expensive for someone who wants to deal with the immediate problem of managing licenses and updates. A full framework, for example, typically comes with a price tag of hundreds of thousands or millions of dollars and can take over a year to put in place — not the sort of pace required when the BSA might come knocking at any moment. Luckily, several easier and quicker approach to software deployment and licensing are available. Dedicated deployment tools take care of the software deployment and distribution task without burdening users with all the bells and whistles of a framework or SMS. One of the better ones is Executive Software's Sitekeeper. This is a tightly focused tool dealing with automated software distribution, inventory, updating, and license tracking that costs about $15 per machine for large enterprises (Exhibit 1).

Exhibit 1: Sitekeeper High-Level Data/Control Flow Diagram

After installing Sitekeeper, the first step is to launch Inventory Tracker, which contains a setup wizard to guide the administrator through the process of designating which domains or machines to inventory and how often. It does not install any agents on the workstations but scans the Windows Registry to gather software names , versions (major and minor), build number or patch level, and name of publisher. It typically inventories five to ten machines per second, so a thousand-user network would be done in two to three minutes. Data is stored in a database, and a browser-based inventory report is generated. This shows both the inventory on each machine, as well as which machines have a particular product installed.

Another module, License Tracker, generates a license report based on the completed inventory. The administrator enters the number of licenses purchased, and the report informs the administrator if the organization has excess licenses, if it needs to purchase some more, and if users are installing software locally without permission. From there on out, the module will continue to notify the administrator as licenses expire or new inventories show changes in license status.

Sitekeeper's PushInstall is of most relevance to software deployment. This feature remotely installs and uninstalls software, updates, upgrades, and patches. It works with any Windows 2000, XP, or Microsoft installer-compliant program, as well as most software designed for NT. Software, updates, and patches can be scheduled to use minimum resources, which takes a little longer but has less impact on users. When speed is more important, such as when installing a new virus definition, the administrators can run the program at a higher priority. Once the administrator selects the target machines or domains and the installation speed, the program automatically installs the software and reports the results of each installation back to the administrator.

Sitekeeper is a quick-to-implement, simple-to-run, and inexpensive software management application. For those looking for a "set it and forget it" method of staying on top of licensing and software management headaches , it does the job well.

Software Deployment Case Study

• Organization — Unisea, Inc. (Redmond, Washington, and Dutch Harbor, Alaska; www.unisea.com).

• Business/mission — Unisea is one of the world's leading fish product companies, with peak production of over 60 metric tons of fish per hour .

• Goal — The primary goal was to create accurate hardware and software inventories and ensure license compliance; the secondary goal was to be able to run routine checks for users installing unauthorized software.

• Scope — Software is installed at two locations, the headquarters in Washington and the processing facility in Alaska; the company has about 1200 employees .

• Solution — Executive Software's Sitekeeper was installed to automate inventorying , deployment, and license compliance.

• Results — Inventories are now taken and maintained automatically. Routine deployment of software updates has been reduced to one hour per site during normal business hours (no more coming in early or working late).

• Cost savings — Personnel time required for software updates was reduced 85 percent; process revealed that the company had more software licenses than it needed.

For many years , Unisea systems staff performed updates and inventories manually. Administrators tracked licenses using paper and pen, consolidating various notes into an Excel spreadsheet. Similarly, deploying software updates required visits to every desktop every time a new patch came in, and IT staff worked nights going from box to box to install the latest patch. As a result, their workload became backlogged and critical updates were delayed. Unisea purchased Sitekeeper by Executive Software to automate these processes and to add the capability of checking company machines periodically for unauthorized software (Exhibit 2).

Exhibit 2: Unisea's Sitekeeper Architecture

{% if main.adsdop %}{% include 'adsenceinline.tpl' %}{% endif %}