�We use a combo of third-party stuff and the stuff that comes with the OS.�
�And? Don't they help?�
�Well,� he said after a pause, �they make the cat-herding more advanced...�
Turned out that in Perry's case, the endpoint management strategy, though it does a certain amount of herding, also adds to the number of cats.
Consider his rough estimates:
- 24,000 user desktops and laptops
- �Low thousands� of virtual and physical servers -- the number changes every day
- Four fundamentally different operating systems (Windows, Mac OS X, UNIX and Linux -- all in different flavors)
Actually, he didn't say �cumbersome.� I can't print what he did say.
Mobile devices are changing the game -- is your endpoint management solution up to the challenge?
Things are getting more complicated, too. With the instant popularity of mobile devices like smartphones and tablets, the number and diversity of endpoints have rapidly scaled up.
That means more operating systems, more agents, more security wrinkles and more compliance challenges to consider -- not to mention the host of human-interest issues that apply to personally owned endpoints.
I asked Perry what his answer was to all of that.
�Same as it was five years ago,� he said. �Be thankful I don't have to do endpoint management stuff any more.�
Well, I couldn't resist telling him about the IBM Endpoint Manager family, which applies neatly to a typical situation like Perry's:
- One agent for a wide range of capabilities
- One server, capable of handling up to a quarter-million endpoints (almost 10 times as many as Perry's organization has)
- One interface to use in gathering and analyzing endpoint information, as well as carrying out endpoint tasks
And yet it only requires 2 percent or less of endpoint resources, so users don't even notice the agent doing anything. So all those endpoints are no longer cats to be herded; they are instead, a de facto grid architecture that distributes computational tasks evenly and handles them transparently. Pretty slick, no?
All of that came as news to Perry.
What came as news to me, recently, is that the same product family will soon work for those mobile endpoints I mentioned earlier, like smartphones and iPads.
Soon-to-be-released IBM Endpoint Manager for Mobile Devices supports four major mobile platforms
With the advent of IBM Endpoint Manager for Mobile Devices, IBM is tackling one of the biggest shifts in endpoint management in years: the fact that people increasingly want to use (and do use) their own personal devices to handle work stuff.
�We're living in a mobile world,� said Kimber Spradlin, Product Marketing, IBM Endpoint Manager family. �Organizations are going to have to find ways to manage mobile devices, too, not just traditional endpoints like servers and laptops and desktops. And IBM Endpoint Manager for Mobile Devices really makes that job easy because it builds on our current platform, so you get the functionality you need, not the complexity you don't.�
Specifically, it handles devices based on four mobile platforms: Windows, Apple's iOS, Symbian and Android. And because those platforms handle security and management tasks in different ways, Endpoint Manager for Mobile Devices supports both agent and 'agentless' control mechanisms. This way, a single management solution can continue to address all endpoints -- even though some of them don't allow agent installation at all.
�Apple's iOS doesn't,� said Spradlin. �But Apple does provide a management API. So this can be used to handle certain tasks, like partially wiping work e-mails, or calendar data, if the organization needs to be protected from exposure. Android, on the other hand, does allow an agent, so we simply ported our current agent to that platform. In every case, the idea is just to provide the management functionality, and security controls, to whatever extent that it's possible.�
Security does seem like a significant issue; mobile endpoints, by nature, move from point A to point B much more often. And if your smartphone disappears on a vacation, you probably don't want outsiders being able to go through the phone, reading company mail and accessing company resources. That's true whether you're the employee who lost the phone, an IT manager who works with that employee or an exec with a focus on minimizing business risk.
For employees who might be concerned about the sensitivity of personal data, an important point is this: the IBM offering protects you, too.
Suppose your missing phone is loaded with family photos that show your kids, your street address, your pricey new car and other things you'd rather a phone-stealing criminal not be aware of. You can simply request that your phone be data-wiped or access the self-service portal if your company implements that option. And presto, it will be.
Create an in-house app store for extra value
Also interesting: Endpoint Manager for Mobile Devices allows organizations to create an enterprise app store. This way, they can offer specific new capabilities for mobile devices in a way that -- just like the security controls -- is of direct benefit to employees.
For instance, organizations might be able to get a significant discount on third-party apps by buying licenses in bulk, and then passing on the discount to employees. �Reduced rate� is a popular phrase when it comes to software purchases.
And, of course, there's a security angle to consider here as well. Employees can download apps from the enterprise app store in confidence that they've already been exhaustively scanned for malware, and are endorsed by the organization as trustworthy. That's not always the case for new apps -- and as mobile device popularity continues to skyrocket, the odds of security-problematic apps go up every year.
Similar value stems from apps that are developed internally. Imagine an organization has a unified asset management solution. Imagine that solution is used in vastly different ways by dozens of different operational groups.
In such a case, the organization might create feature-limited, task-focused apps that target exactly what those groups need to do. These apps could then be offered via the app store for easy downloading and installation to any supported mobile device.
This story gets even more appealing when you consider that, over time, as new versions are released, the older versions installed on endpoints would normally go out of date. That could translate into all sorts of unwanted ramifications, from less-than-ideal performance or stability all the way up to something a lot more catastrophic, like a serious security shortcoming that leads to a breach of company services.
�What you're talking about is endpoint lifecycle management,� said Spradlin. �That's one of the areas where IBM Endpoint Manager shines. For mobile devices using apps like that, it's great to be able to push out new versions -- knowing in advance which endpoints need them and skipping the others. Now, the device owner still has to approve the installation, so it's not completely automatic... but then on the other hand, that user probably wants to know when new apps are being installed, right? So there's a nice balance between the organization's need for risk management and productivity, versus the user's need to be aware of what's on the device and what it does.�
Interested in learning more? Sign up for the beta and be sure to attend Pulse 2012 in Las Vegas, where mobile endpoint management will be a major theme providing you with a lot more specific information about this offering, slated for a March release date!
Sign up for the IBM Endpoint Manager for Mobile Devices beta
Explore the Mobility and Endpoint Management stream at Pulse 2012
Register for Pulse 2012 today
Discover how IBM Mobile Enterprise can help you improve productivity, grow market share, drive innovation and enable a social enterprise
Guest blogger Wes Simonds worked in IT for seven years before becoming a technology writer on topics including virtualization, cloud computing and service management. He lives in sunny Austin, Texas and believes Mexican food should always be served with queso.
Likes before 03/04/2016 - 0
Views before 03/04/2016 - 11137