landesk management suite 8.6
DESCRIPTION
TRANSCRIPT
LANDesk Confidential
LANDesk Management Suite 8.6
LANDesk Usergroup Konferenz14. September 2005
Köln
Detlef LükeTechnical Consultant
Product Overview
2
LANDesk Confidential
What´s New ?LANDesk Advance AgentLANDesk Management Gateway Enterprise management over Internet
Software Distribution EnhancementsIntel AMT Support Effective and efficient asset management leveraging Active Management
Technology from Intel®.
Local Account ManagementRBA Active Directory integrationNew Reporting / -ModulePlatform Support Expanded Linux Support Expanded Macintosh Support
Misc
3
LANDesk Confidential
LANDesk Advance Agent
4
LANDesk Confidential
What is the Advance Agent ?
A robust, bandwidth aware, boot/install agent
Used to install a standard agent
Based on existing LANDesk technologies
It is not a replacement for the Standard Agent
5
LANDesk Confidential
Leveraging Existing Technology
The Existing LANDesk Agent Can Give way to non-LANDesk network traffic Use a percentage of the available bandwidth Get packages from other LANDesk clients Detect connection speed Carry on file copy from last point
Why not use the same approach to deploying the agent? In Management Suite 8.6 this is what the Advance Agent does
6
LANDesk Confidential
Advance Agent - Features
Based on the HTTPCopy Utility Restartable copying Bandwidth control
- A maximum bandwidth can be specified that will not be exceeded during the copy operation.
Additionally it can Run as a service Handle authentication to http location Detect presence of http location to restart file copy Send status messages Use Task completion
7
LANDesk Confidential
Deploying the Advance Agent
Deploy to Unmanaged Device Just like the Standard Agent Relies on RPCs
Group Policy The small size of the agent makes this feasible Configure Group Policy Slow Link Threshold
Logon Scripts
E-Mail or media
8
LANDesk Confidential
LANDesk Management Gateway
9
LANDesk Confidential
Customer “Pain Points”
Need to Manage users outside of the corporation without “Punching Holes” in
firewall
Dial up connections are to slow, but purchasing a
VPN (Virtual Private Network) solution is too expensive
Distributed sites which due to the small size,
temporary nature or limited local communication availability the only connection available is an internet link
Management across the internet without compromising the
security of the end point or my corporate infrastructure
“RFP for the State of South Carolina, one of the key requirements was to distribute software securely to end points over the Internet” *State of South Carolina
“RFP for the State of South Carolina, one of the key requirements was to distribute software securely to end points over the Internet” *State of South Carolina
“Displace the costs of a VPN project for all 300+ of their restaurants, and give them management capability, this would easily build the case for
using LANDesk versus another tool” *Outback Steakhouse
“Displace the costs of a VPN project for all 300+ of their restaurants, and give them management capability, this would easily build the case for
using LANDesk versus another tool” *Outback Steakhouse
“Asked if there is way to utilize the ISS pro technology with a core server and give end point management to nodes over DSL, and Cable modem connections . A 40,000 node opportunity that has end points that require management through the Internet cloud.”*Sales Opportunity Yellow Region
“Asked if there is way to utilize the ISS pro technology with a core server and give end point management to nodes over DSL, and Cable modem connections . A 40,000 node opportunity that has end points that require management through the Internet cloud.”*Sales Opportunity Yellow Region
“Most of their nodes are outside of their network and they have been looking for this solution for a few years, If this functionality was available now I would have a check to give you right now” *David Weekley Homes
“Most of their nodes are outside of their network and they have been looking for this solution for a few years, If this functionality was available now I would have a check to give you right now” *David Weekley Homes
10
LANDesk Confidential
“How it works”Example: Outlook Web Access
Perimeter Firewall
Personal Firewall
LANDesk Corporation
LANDesk Laptop
“LANDesk Gateway”
Managed Devices
Personal Firewall
Perimeter Firewall
LANDesk Core Server
• Enables communication through firewalls and proxy servers
• Does not require a VPN infrastructure• Brokers connections and provides
authentication• SSL encrypted
11
LANDesk Confidential
Supported LANDesk Client Features
Inventory gathering Hardware Software
Software License Monitoring
On Demand Remote Control features Remote Keyboard, Video, and
mouse control File Transfer Chat Remote Execute Screen Draw Reboot
Software distribution Policy based (Client pulls down
jobs)
Security functions Patch Management Spyware Management Security Threats Custom Definitions Blocked Applications LANDesk Updates Connection Control Anti-Virus Enforcement
12
LANDesk Confidential
Benefits
Allows Management of devices without traditional network boundary restrictions
Gives access to remote computers Without investing in expensive point to point WAN infrastructure Access to computers over T-1, DSL/Cable, or Dial-up
Give remote devices access to LANDesk’s most popular features Including Remote Control, Software Distribution, Inventory, Software
License Monitoring
Requires minimal hardware investment
13
LANDesk Confidential
Business Scenario
Request to Core server as xml sent via httpGateway
Core Server
ClientClient
ClientClient
ClientClient
ClientClient
Customer A
Customer B
14
LANDesk Confidential
Gateway MachineRuns on LDLinux LANDesk’s own Linux distribution based on the Linux 2.6 Kernel.
Minimal Operating SystemMinimum Hardware Requirements P4 Processor (dual processors supported) 1 GB RAM IDE disk drive (SCSI, SATA supported. Hardware RAID is not supported) VGA Video High Speed NIC (100 mb or Gigabit) Bootable CDROM Keyboard (mouse not required)
Private IP ranges and unneeded ports blockedRoot account is disabled Admin account is created with strong password requirements
Gateway runs as a web service Custom built LANDesk proprietary web service (not Apache).
Configuration performed through web browser
Gateway
15
LANDesk Confidential
Gateway Client
Uses CBA8 “Unified Pipe” architecture. Ensures that all agents communicate using same processes and
protocols.
Uses an http based Proxy Host.
Agent Component (example: LDISCN32.EXE)
HTTP Proxy Agent
Core Server
Gateway
The agent component is launched.
With the Gateway Client installed, the communication in sent to the Proxy agent.
The proxy agent determines where to send the communication; either to the core or thru the Gateway. The decision process is configurable through the BrokerConfig utility.
16
LANDesk Confidential
Gateway Client: Secure Access
Security is needed since Gateway is built for access over public network.Certificate based security.BrokerConfig.exe used to initiate authentication to core server through gateway.Once authenticated certificate from core is given to client.Certificate can be blocked if needed.
17
LANDesk Confidential
Core to Gateway Communication
Uses a reverse proxy agent on Core Translates requests and processes them As though they were locally connected.
Keeps a minimum of six connections opened To receive communication from the Gateway.
Validates communication by examining client certificate.
Request to Core server sent via http
Gateway
Core Server
18
LANDesk Confidential
LANDesk Software Distribution
19
LANDesk Confidential
Private and Public Ownership
Packages and Delivery Methods are now organized with ownership similar to Queries.
Both can be made publicly available or added to users by the Administrator.
Private packages can use dependencies. Dependency must be a public
package
20
LANDesk Confidential
Multiple Queries Added to Target
Simple as dragging and dropping of queries.
Queries are not processed till task is executed. Task properties will show queries in the Target Devices window.
Code has been changed to ensure tasks run efficiently
Even though queries have been added as targets, the list of targets is zero. This is because the queries have not been run. Queries on run when the task is executed.
21
LANDesk Confidential
Linux Distribution Packages Added
Supports only RPM packages
Uses a RPM command line format to install the packages.
RPM files must be downloaded through a web share (MS/Samba shares are not supported).
22
LANDesk Confidential
Database Macro Parameters
Allows you to retrieve values from the device’s database entries and pass them as command line parameters.
Useful for Distribution Packages based on Batch files or Executables.
23
LANDesk Confidential
Reporting
24
LANDesk Confidential
What's New in Reporting
Redesigned from the ground up
Integrated report design tool(“Create your own reports using the LANDesk Report Designer”)
Reports can be filtered by user scope and e-mailed
Ad-hoc reporting added
25
LANDesk Confidential
Types of Report
Ad-Hoc Reports “View as Report” Option
Standard Reports Cover all aspects of Management Suite
User Defined Based on Inventory Query Report Designer Tool
26
LANDesk Confidential
What are Ad-Hoc Reports ?
Ad-Hoc reports provide a snapshot
Report contains same information as screen
Column Sets may be applied
No need to define a query
Useful for producing system documentation
Not always available i.e. Unmanaged Device
Discovery
27
LANDesk Confidential
Generating Ad-Hoc Reports
Select a Component: Network View Users Software and Patch Manager etc.
Right Click “View as Report”
View the Report
Export if desired Select a format such as PDF,
HTML or RTF
Print if desired
28
LANDesk Confidential
What are Standard Reports?
Predefined Reports Built-in Arranged by Component May not be Customised
Support Different Output Formats such as PDF HTML RTF
29
LANDesk Confidential
Working with Standard Reports
Tools | Reporting / Monitoring | Reports
Browse and select a report
Right click and select from: Run – Generates a report now Publish – Options for location and format Schedule Publish – Creates a scheduled task Group Membership – Displays other groups containing report Copy – Copy a Report to Paste into another Group
30
LANDesk Confidential
Platform Support
31
LANDesk Confidential
Linux Support
Linux Version support Redhat 3, SuSe 9, Mandrake 10.1
Hardware Platforms X86
LANDesk Products supporting Linux LANDesk Server Manager (Redhat, SuSe) LANDesk Management Suite (Redhat, SuSe, Mandrake) LANDesk Security Suite (Redhat, SuSe)
Features Common Base Agent
- Remote Execute- File Transfer- Power Off & Reboot
Inventory- Hardware & Software
Automated Agent Deployment Software Distribution
- RPM Distribution Patch Management
- Vulnerability scanning- Redhat & SuSe
32
LANDesk Confidential
Mac OS Support
Mac OS Version support Mac OS 9.22 Mac OS X 10.2.x, 10.3.x, 10.4
Hardware Platforms G3, G4, G5
LANDesk Products supporting Mac OS X LANDesk Management Suite LANDesk Patch Manager
New Features Mac OS X 10.4 support (Tiger) Safari browser supported for Web console (Tiger only) OS Deployment
- Profile migration
- Bare-metal provisioning
33
LANDesk Confidential
Misc
34
LANDesk Confidential
Role-based Administration(Active Directory Integration)
leverages your existing IT investment in Active Directory for assignment of roles (rights) in the Management Suite console
No longer required to build/replicate your existing Active Directory structure in the management console users tool
View Active Directory structures within the Management Suite console
Assignment of LANDesk rights to Active Directory groups or organization units
Supports rights inheritance
35
LANDesk Confidential
Local Account Management from LDMS Console
Account & group management for customers without Active Directory
Ability to reset local passwords real-time
Manage local users and groups with real-time access
Add, rename, remove, and edit local users and groups
Reset passwords
Local account management information is associated with system inventory for queries & reporting
36
LANDesk Confidential
Keyboard Mapping in RC RC machines with different Locale Setting
37
LANDesk Confidential
Fragen ?
Applaus !