Flexibility. This is a word that you will often hear used by Endpoint Management vendors to describe the deployment and management of their solutions. However, what does it really mean, and how many of our competitors can actually lay claim to this term?
As we move into 2010, the adoption of Windows 7 is a core decision many customers will be addressing. Add to this the rising proliferation of cloud computing and Virtual Desktop Infrastructure solutions, and we see that endpoint management disciplines will be key to the success of many IT projects. Customers need flexibility to manage all types of environments.
ZENworks Configuration Management (ZCM) is an award-winning management platform designed specifically to embrace the heterogeneous nature of customer environments. At Novell, we do not want to force the adoption of a specific Operating System, Database Platform or Hypervisor to provide strong end-point management capabilities. ZCM runs on a choice of Windows or Linux platforms at the back-end, supports Oracle, Microsoft and Sybase database platforms, integrates natively and transparently to Active Directory and eDirectory to provide unrivalled user-focused management, all whilst supporting XEN, Hyper-V and ESX virtualisation platforms. On top of this, ZENworks provides a single architecture for our Asset, Patch and Configuration Management solutions. True flexibility. However, let's not dwell too much on how good the ZENworks product family has been up to now, let's discuss what Novell will deliver in ZCM 10 SP3 and how we will push the bar even higher.
For this blog we will focus on two core additions to the configuration management feature set:
- Branch Office Management Improvements
- ZENworks Appliance
ZENworks Configuration Management is one piece of the ZENworks portfolio, for information on the rest of the products please look here: http://www.novell.com/solutions/endpoint-management/
Branch Office Management Improvements
With ZCM 10 SP3, our capabilities to support remote offices have improved dramatically. Two key features have been provided to enhance the remote office management experience:
- Granular control over content delivery and bandwidth utilisation
- Satellite Authentication Role
Granular control over content delivery and bandwidth utilisation
Control of content delivery and bandwidth utilisation has been improved in a number of ways. Firstly, administrators are able to specify the servers that content should be made available to at a bundle folder level. This holds a number of advantages over previous releases as it allows groups of applications or patches to be sent to sites with a few mouse clicks. The example in Figure 1 shows that all bundles in the “Human Resources” folder should be sent to the “Stockholm” remote office.
Figure 1: Specify content delivery at the folder level
Once you have defined “where” content should be available, the next stage is to define “how” and “when” it gets there. ZCM 10 SP3 will introduce powerful options to control when content is transmitted to other Primary Servers and Satellites. To begin, we have defined different content types allowing for prioritisation of content delivery. For example, it is likely that critical security patches will need to be made available as soon as possible to remediate security threats, whereas content such as Informational patches are less important. Figure 2 shows how different content types can be configured for a content server.
Figure 2 – Granular content control
For each content type the administrator can specify the window of opportunity for synchronisation, how often this reoccurs and more importantly how much bandwidth to consume during these operations. Network administrators are very protective and their wrath should be avoided, administrators can now ensure that other services at remote sites are not affected by content delivery. If the window of opportunity and throttled bandwidth rate is not sufficient to completely synchronise all content, the process will carry on from where it stopped when the window open of opportunity opens again. Figure 3 shows that Critical Security Patches will be synchronised every 4 hours, only consuming 300kbps during the transfer.
Figure 3: Specify window of opportunity for content synchronisation
These improvements to content management and bandwidth utilisation allow administrators to ensure that content is always available in only the relevant locations, but more importantly that ZENworks does not necessarily consume all bandwidth during this process.
Satellite Authentication Role
With ZCM 10 SP3 we can assign the ZENworks Authentication Role to a Satellite device where previously this was restricted to ZENworks Primary Servers. This allows for separate connections to be made to an eDirectory or Active Directory user source by Satellite devices that are local to remote managed endpoints. Take the scenario where a remote office exists with a local replica of eDirectory, instead of intercepting credentials and sending them over the WAN to a ZENworks Primary Server, this can now happen locally on the LAN via a Satellite device. Figure 4 shows an example of a Satellite Authentication Role configured to connect to a local user source.
Figure 4: Branch Office
Providing strong control over what content is synchronised across slow links, while strictly controlling the amount of bandwidth ZENworks can consume and allowing user authentication to occur locally improves the support for remote branch offices significantly.
Appliance Deployment Option
ZCM 10 SP3 has taken advantage of Novell's innovative SUSE Appliance Program by offering the ability to deploy the back-end infrastructure as an appliance or set of appliances. Customers can now download a VMware ESX-based virtual appliance that can be quickly and easily deployed on any VMware ESX or ESXi server, reducing the roll out time for new ZENworks Primary Servers.
The ZENworks Appliance image is stored in an open virtualisation archive format (.ova) enabling the administrator to import it using the VMware VSphere Client application. On first boot, the appliance will ask for identity and network information before taking the administrator through a cut-down installer for ZENworks. A ZENworks appliance can be deployed standalone or joined to an existing ZCM deployment. Figure 5 shows one of our appliances booting.
Figure 5: ZCM Appliance
If you are a customer looking for simplified deployment or a partner offering a managed service, the ZENworks appliance option should resonate very strongly with you. The appliance offers a simplified and rapid deployment experience for the back-end infrastructure with no reduction in service or capabilities. Simply put, the appliance is a deployment option – if you are licensed for ZENworks Configuration Management you are entitled to download and use the appliance.
In conclusion, ZENworks Configuration Management is your truly flexible friend. Both the deployment and management options for this unique product family are a showcase for Novell's commitment to providing market leading management capabilities whilst embracing the true heterogeneous nature of most IT environments. Stay tuned for more details about this future release, all of the features covered in this article will be discussed in sessions at BrainShare. If you attend the conference, please check out the sessions and pay a visit to the ZENworks lab to see live demonstrations and engage in detailed technical discussions.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.