IBM Endpoint Manager for Lifecycle Management (Overview)


Published on

Complete visibility and management over all endpoints - physical or virtual, on- or off-network across Windows, Max, Unix, and Linux servers, desktops, laptops, and specialty devices. Includes network discovery, deep hardware and software inventory of managed devices, software distribution and patch management, OS deployment and bare-metal provisioning, and remote control.

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • US Foods was like a lot of companies using ineffective tools and manual process to try and stay on top of software asset management. However, as their environment grew they were falling further behind in software asset management and using up increasing amounts of IT resource trying to reconcile software license across their 67 sites. With IBM Endpoint Manager they were quickly able to collect the information they needed across all their endpoints and save a significant amount of time. In addition to time, they also saved $500K on software licenses that were not being used or rarely used, by down grading the licenses to a less expensive version of the software. They were also able to bring their endpoints into license compliance avoiding one million dollars in license noncompliance fines. With these kinds of savings, it is easy to see how software asset management quickly became a self funding project for them and allowed IT resources to be moved to higher value projects.Transition: Let’s look at some of the savings that other customers we have worked with have discovered.
  • IBM Endpoint Manager for Lifecycle Management (Overview)

    1. 1. © 2012 IBM Corporation IBM Endpoint Manager for Lifecycle Management Product Introduction and Overview [NAME], [TITLE] [DATE]
    2. 2. © 2013 IBM Corporation2 IBM Endpoint Manager • Concord Hospital achieves 98% first- pass success in hours on their Microsoft and 3rd party patches • Stena Lines achieved a 12:1 labor savings ratio by reducing administrative overhead time for patch processes • Li & Fung has been able to reduce the number of management servers from 79 to 3 and the number of FTEs (full time equivalents) from 6 to 1 Effective endpoint management drives significant savings
    3. 3. © 2013 IBM Corporation3 IBM Endpoint Manager IBM Endpoint Manager Continuously monitor the health and security of all enterprise computers in real-time via a single, policy-driven agent Endpoints • One infrastructure: management server, console, agent for Windows, Mac, Unix, Linux, Mobile • Scales to 250,000 endpoints per management server • Robust, flexible architecture with built-in failover • Nearly-invisible impact to network, endpoints • Operates in low-bandwidth / high-latency environments • Physical or virtual, network or Internet-connected IBM Endpoint Manager Patch Management Lifecycle Management Software Use Analysis Power Management Mobile Devices Security and Compliance Core Protection Desktop / laptop / server endpoint Mobile Purpose specific Systems Management Security Management Server Automation
    4. 4. © 2013 IBM Corporation4 IBM Endpoint Manager Security & Compliance Vulnerability Assessment Compliance Analytics 3rd Party Endpoint Protection Management Patch Management Security Configuration Management Core Protection Anti-Malware Firewall Data Protection (add-on) Patch Management Offline VM Patching Application Patching OS Patching Mobile Devices Compliance App Mgmt Mobile Device Mgmt The IBM Endpoint Manager Family Middleware Management Multi-Platform OS Deployment Physical & Virtual Server Lifecycle Management Cross-Server Sequenced Task Automation (e.g. Patch OS on Server Cluster) Server Automation Power Management Windows & Macs Carbon, cost reduction reports End-user Dashboard Lifecycle Management Software Distribution OS Deployment Remote Control Patch Management Basic HW & SW Inventory Starter Kit TPM evolution Software Use Analysis Software Catalog Correlation Software Usage Reporting Software Inventory TADd / ILMT convergence App, PIM Containers Self-Quarantine Starter Kit
    5. 5. © 2013 IBM Corporation5 IBM Endpoint Manager Stores / Kiosks WAN Data center Headquarters Remote offices Distribution center Internet WiFi Airport Hotel Coffee shop Home Leased line 3G WiFi IBM Endpoint Manager, built on BigFix technology Whether it’s a Mac connecting from hotel WiFi, a Windows laptop at 30K feet or a Red Hat Linux Server in your data center, IBM Endpoint Manager has it covered. In real time, at any scale. Satellite Network-friendly architecture delivers large packages without disrupting critical business applications Single, intelligent agent uses <2% CPU, <10MB RAM Cloud-based service continuously provides new patch, policy updates Full command and control of Internet- connected devices Use existing computers as Relays to minimize network traffic Content Update Service Leased line
    6. 6. © 2013 IBM Corporation6 IBM Endpoint Manager IBM Endpoint Manager elements Single server and console • Highly secure, highly available • Aggregates data, analyzes and reports • Manages up to 250K endpoints per server Flexible policy language (Fixlets) • Thousands of out-of-the-box policies • Best practices for operations and security • Simple custom policy authoring • Highly extensible/applicable across all platforms Lightweight, easily configurable infrastructure • Designate IBM Endpoint Manager agent as a relay or discovery point in minutes • Provides built-in redundancy • Leverages existing systems/shared infrastructure Single intelligent agent • Continuous self-assessment • Continuous policy enforcement • Minimal system impact (<2% CPU, <10MB RAM)
    7. 7. © 2013 IBM Corporation7 IBM Endpoint Manager Lifecycle Management • Asset Discovery • Patch Management • Inventory Management • Software Distribution • OS Deployment • Remote Desktop Control • Role based software deployment and user self-provisioning • Hardware independent OS imaging and driver management • Dramatically reduced patch cycles and increased first-pass success rates • Closed loop validation in real time • Multi-platform support from a single console (Unix, Linux, Windows, Mac OS X) Benefits:Services: Dramatically reduced patch cycles and increased first-pass success rates Multi-platform support (Unix, Linux, Windows, Mac OS X)
    8. 8. © 2013 IBM Corporation9 IBM Endpoint Manager Today’s reality TO-DO LIST •Find all assets on the network for a software audit •Deploy a software application worldwide in days •Provide status on critical security patch installation •Report to finance on key software asset metrics ASAP •Submit plan for reducing Help Desk costs
    9. 9. © 2013 IBM Corporation10 IBM Endpoint Manager Find all assets on the network for software audit • Use asset discovery and inventory reports to create dynamic situational awareness about changing conditions in the infrastructure. • Run distributed scans on the entire network to identify all IP-addressable devices. • Keep stakeholders informed with easy to use near real-time reporting. How do I stay on top of a rapidly evolving infrastructure? Asset Discovery Results
    10. 10. © 2013 IBM Corporation11 IBM Endpoint Manager Deploy a software application worldwide in days  Deliver software packages through policy based deployment and ensure success with closed-loop verification.  Manage software distribution across Windows, Linux, and Mac OS platforms from a single point of control.  Deploy Windows images to new workstations, notebooks and servers as well as OS migration and refresh for existing endpoints.  Layer on required software, enforce security configuration policies and rapidly apply critical patches. How can I keep up with software deployment requests? Managing software packages
    11. 11. © 2013 IBM Corporation12 IBM Endpoint Manager Provide status on critical security patch installation With more critical patches every week, how can I keep up?  Increase first-pass success rates from 60- 75% to 95-99+%  Reduce patch and update times from weeks and days to hours and minutes  Access real-time reporting  Provide patches to distributed endpoints regardless of their location, connection type or status.  Deliver patches for Windows, UNIX, Linux and Mac OS and for applications from vendors including Adobe, Mozilla, Apple and Java.  Automated self-assessment, no centralized or remote scanning required Patches for Windows Overview dashboard
    12. 12. © 2013 IBM Corporation13 IBM Endpoint Manager Deliver report to finance on key software asset metrics ASAP How can I reduce the time spent providing reports? Includes near real time and continuous reporting and analysis from the intelligent agents on your organization’s endpoints Web based reporting Asset Mgt. reporting Patch reporting
    13. 13. © 2013 IBM Corporation14 IBM Endpoint Manager Submit plan for reducing Help Desk costs With more critical patches every week, how can I keep up?  Save time and improve responsiveness to end user needs  Support and remote control Windows and Linux desktops, notebooks and servers throughout the distributed environment regardless of connection type (direct access, VPN, internet brokered)  Troubleshoot issues remotely, upload client diagnostics and automatically generate reports to identify solutions quickly Right-click on the target you want to establish a remote control session with
    14. 14. © 2013 IBM Corporation15 IBM Endpoint Manager CenterBeam’s endpoint management services are delivered under a utility-based computing model, in which companies pay per-node on a monthly basis. As a result, the more efficient and effective CenterBeam is in delivering its services, the more successful the company is. Customer Needs Key Features &Outcomes  Increased policy compliance by more than 20 percent (from 80 percent to 98 percent)  Supported a tenfold increase in number of endpoints under management with only one engineer  Helped clients mitigate risk and strengthen endpoint security Delivers 98 percent policy compliance across all enterprise devices—server, desktop CenterBeam is a U.S.-based IT managed service provider (MSP) serving mid-size businesses. With a 13-year track record of delivering cloud-based IT services, CenterBeam provides customers with on-demand IT capacity utilizing a subscription pricing model. “With our old solution, we had two engineers managing 2,500 endpoints. Now we need only one engineer managing 20,000 endpoints and we have 98 percent compliance against our policy baselines.” —Shahin Pirooz, Executive Vice President, Chief Technology Officer, CenterBeam Case Study: Centerbeam – Improves compliance and reduces costs
    15. 15. © 2013 IBM Corporation16 IBM Endpoint Manager Summary •Find and remediate unmanaged assets •Easily deploy a software application worldwide in days •Achieve 98.5% first pass success rates for patch installation •Support stakeholders across the business with easy to use real-time reporting •Reduce Help Desk costs with built-in remote control and troubleshooting capabilities
    16. 16. © 2013 IBM Corporation17 IBM Endpoint Manager BACKUP SLIDES •Software Distribution •Remote Control
    17. 17. © 2013 IBM Corporation18 IBM Endpoint Manager Software Distribution Information
    18. 18. © 2013 IBM Corporation19 IBM Endpoint Manager Software Distribution via Tivoli Endpoint Manager IEM Console IEM Relay 2. Admin imports library, customizes packages, and initiates policies 4. Eligible IEM agents act on the policy, installing prerequisites and offering installations to users 5. Completed actions are immediately reported to the IEM Server Existing Software Library IEM Server 1. Admin imports library from network storage 3. IEM Server and Relays manage and cache downloads for workstations
    19. 19. © 2013 IBM Corporation20 IBM Endpoint Manager 2 Client Dashboard
    20. 20. © 2013 IBM Corporation21 IBM Endpoint Manager Capabilities  Tool for importing pre-existing packages  Intuitive library management interface  Automatic setup of MSI, EXE, BAT, SPB, App-V installation processes  Customize installations/removals  Duplicate and modify packages without duplicate files  “Follow the user” targeting of installs  App-V – Microsoft Application Virtualization. We use the App-V client to manage these on the end point, see the App-V Client Dashboard 21
    21. 21. © 2013 IBM Corporation22 IBM Endpoint Manager ―Follow the User‖ Targeting  Construct complex rules using Computers, Users, Security Groups, and Organizational Units  Full control of logical groupings  TEM Agent queries Active Directory APIs at user login events and caches results  Low impact to environment  Speedy enforcement of policy
    22. 22. © 2013 IBM Corporation23 IBM Endpoint Manager Remote Control Info
    23. 23. © 2013 IBM Corporation24 IBM Endpoint Manager Tivoli Remote Control Peer to Peer 24 IEM Server DB TRC Controllers TRC Targets Windows or Linux Systems