In the second of a two-part series , our sister publication Software Tools Bulletin selects some of the best development tools to emerge during 1997.

Storage management: Cheyenne ARCserve

Cheyenne grew up as a solution provider for LAN implementations and was concentrated mostly in the platforms most appropriate for that arena – Microsoft, Novell and Intel. However, the company has been extending its products beyond this market into the enterprise market, and its acquisition by Computer Associates has accelerated this process. ARCserve is now the preferred storage management solution for Unicenter TNG and is a market leader in its field. Cheyenne still deals with its disk management and anti-virus products for LAN-based environments, but there is a clear focus on storage management products in the wider enterprise market. It has developed a high quality collection of tools and agents that work well together, in both the Novell NetWare and Windows NT operating environments. ARCserve has maintained the look-and-feel of a LAN-based tool, but has steadily extended its capabilities to take in Unix platforms and to add powerful enterprise functions. ARCserve has facilities for HSM, RAID, disaster recovery, open file backup, and a number of other features that are targeted at mission critical applications. The control of physical devices is good, and the software control of the HSM environment is both effective and practical. ARCserve is able to scale from very small LAN implementations through to large scale heterogeneous configurations. The base configuration is designed to provide easy management, but as the operation grows in size and complexity, optional products can be added to bring in mission- critical functions and additional security. Thus, the pricing remains competitive with equally capable products – a small system can be implemented very reasonably, whilst enterprise systems will cost significantly more. In terms of performance there is no problem with scaling, as long as the network traffic is adequately managed.

Asset management: Apsylog Asset Manager

Since the original evaluation was written in July 1997, Apsylog has found itself taken under the wing of Peregrine Systems. This was always a likely outcome since Apsylog was a relatively small organization with a very good niche product. Asset Manager should prove to be a good complement to the other products supplied by Peregrine. Asset Manager is a complete asset lifecycle management tool, providing workflow and control over the entire acquisition process including quotation management, placing the order, supplier management and delivery. In particular, it suggests the preferred supplier for a particular item, co-ordinates the ordering and approval process and then manages multiple and partial deliveries. In addition, Asset Manager is able to store details of warranties, guarantees, maintenance contracts and finance arrangements that will be of use throughout the life of the asset. After procurement, the next part of the lifecycle is the installation and change management of the asset. Installation details identify the physical location of the asset and the components that are used to configure the finished installation. Here, there is a relationship between the asset data, the employee database, organizational hierarchies and other details. This is all brought together through a simple helpdesk function that allows access to the information through a call management interface. As problems or changes occur, the details can be logged through the helpdesk and technical details, along with any service contracts or warranties, can be checked. The final process in the chain is asset disposal. For many desktops this involves close integration with a rubbish container, but the value of these disposals needs to be checked. One of Asset Manager’s strengths is that it can be used to enforce such checks so that modem cards, graphics adapters and other useful components are not lost with the asset. This is particularly the case where the asset is leased and then upgraded over a period of years. At the end of the lease, it is possible to co-ordinate the return of the asset in its original condition rather than handing back the upgrades. Finally, Asset Manager is not constrained to the management of IT assets. Any corporate asset can be managed through this tool – even people can be treated as assets. This allows an organization to define important information about IT skills, training needs, and other details, to build a comprehensive database of IT and other resources. This can then be used to identify skills and training requirements, as well as assessing the impact of reorganization and staff movements.

Software distribution: Novadigm EDM

The costs and the difficulties associated with the delivery of applications to the desktop, and ensuring the synchronicity of new releases, can be a major headache. This is where Enterprise Desktop Manager (EDM) is positioned. It provides software change and configuration management, including distribution and creation of business policies, based around its patented ‘Distributed Object Differencing’ approach. EDM uses a ‘desired state’ model to detect differences from the required software configuration, and initiates changes to create the ‘desired state’. In this way, the management overhead in both manual and technical terms can be kept to a minimum. As a natural extension to the client-server architecture, EDM functions can be applied to mobile computing and intranet, extranet, and internet configurations. Like other software distribution mechanisms, EDM works from a centralized store of managed software, and compares the actual state of a managed platform with the desired state defined in its repository. The system model that is defined, defines relationships between users, applications and network devices, and allows the creation and modification of the policies that govern software change and version management. EDM undertakes a process of continuous configuration, that is a mixture of automatic discovery and manual information entry. Each client is scanned in order to detect changes to the hardware and software configuration. This information is fed back to the main repository, where it can be compared with the desired state model. EDM can then act appropriately. For example, it may remove the changed software and replace it with authorized equivalents, or simply log the information for the attention of the system manager. Changes to installed packages and applications become automatic, and it is possible to create a hierarchy of servers that forward the changes as they are received. EDM can also be used to recover the desired state from any configuration that is running its client software. This means that systems that have become corrupted, or mobile users that connect infrequently, can have their systems reconstituted without having to go through all of the intermediate states. EDM simply uses its Object Differencing algorithm to identify the components that are wrong and substitutes the latest correct version. Once again, in an area of systems management where it is difficult to distinguish between most products, Novadigm has shown that it has thought hard about the issues surrounding the subject and has created a strong automated solution.

Helpdesk: Remedy Action Request System

The greatest strength of Remedy’s Action Request System (ARS) is that it is not a helpdesk tool. The helpdesk is simply an application that has been developed as a basis for further development. There are also similar solutions for change management and asset management. The whole point is that ARS is a development environment based upon a transactional workflow engine. Any business processes that can be described in such terms can be automated with ARS. This makes it almost impossible to criticize any component of the helpdesk solution, because anything that may be missing or designed in a way that does not fit with the host organization can be changed or created very easily. The ability to customize (and to do so very easily) are key to the development of the solutions. Remedy has also introduced the ability to access ARS applications through web browsers. Within the helpdesk solution, information entry and retrieval is good, as is the support for different classes of service users. The context sensitive displays and the support for trigger technology at both application and server levels is strong. ARS has an approach to event handling that is easily understood and supported, and allows escalation procedures and notification processes to be constructed with ease. Openness is a key feature, with published interfaces throughout, that allow ARS to be integrated with many third-party environments. This has led to ARS becoming the helpdesk of choice for most environments that do not have their own implementations.

Security: Bull ISM/AccessMaster

ISM would have been a close contender for the choice of enterprise management tool if it were not quite so technically biased and tied quite so strongly into the Bull AIX environment. ISM is a massive suite of tools for systems management that is broken up under 6 main functionality headings. AccessMaster is the security management component and one of ISM’s highlights. It is the combination of capabilities, rather than any specific feature, that raises AccessMaster above competing products. There are two main components – a single sign-on product and standard authentication features built around a central database of user profiles. The single sign-on capability allows a user to access multiple systems through the use of a single identifier and password combination. This is then used to access the user profile, and to show only the applications that he or she is authorized to see. This desktop lockdown is the fundamental basis for many security solutions where sensitive applications are restricted, so that only those that need them have access. AccessMaster is able to extend this idea to the applications themselves, with an editor that allows an administrator to restrict access to menus, individual menu entries, screen buttons and other functionality according to the user or group identification. This is the only solution so far encountered that could address the problem of including OLE objects into Microsoft documents, without severely restricting access to standard productivity tools. AccessMaster provides total flexibility over the composition of desktops and applications. All of this is built onto a robust authentication system that supports the creation of detailed user profiles that can include specific individual authentication methods to be executed, access times, workgroup membership and privileges. This information is held on a security server and is shared across the managed environment as required. One particular area of interest is its handling of smartcards, where full authentication information is linked to a card. AccessMaster uses either DCE or SESAME as its protection mechanism via its authentication service. This is able to support access from Novell NetWare, LAN Manager, and a whole host of operating systems using RACF, CA-TopSecret and other access features. The usual range of reports and audit trails are available to support these operations. There is also a monitoring utility that raises alarms for the detection of intrusions, excessive failures, and other auditable events.