LANDesk Management Suite 8.6

1
LANDesk Management Suite 8.6
Product Overview

• LANDesk Usergroup Konferenz
• 14. September 2005
• Köln
• Detlef Lüke
• Technical Consultant

2
Whats New ?

• LANDesk Advance Agent
• LANDesk Management Gateway
• Enterprise management over Internet
• Software Distribution Enhancements
• Intel AMT Support
• Effective and efficient asset management
  leveraging Active Management Technology from
  Intel.
• Local Account Management
• RBA Active Directory integration
• New Reporting / -Module
• Platform Support
• Expanded Linux Support
• Expanded Macintosh Support
• Misc

3
LANDesk Advance Agent
4
What is the Advance Agent ?

• A robust, bandwidth aware, boot/install agent
• Used to install a standard agent
• Based on existing LANDesk technologies
• It is not a replacement for the Standard Agent

5
Leveraging Existing Technology

• The Existing LANDesk Agent Can
• Give way to non-LANDesk network traffic
• Use a percentage of the available bandwidth
• Get packages from other LANDesk clients
• Detect connection speed
• Carry on file copy from last point
• Why not use the same approach to deploying the
  agent?
• In Management Suite 8.6 this is what the Advance
  Agent does

6
Advance Agent - Features

• Based on the HTTPCopy Utility
• Restartable copying
• Bandwidth control
• A maximum bandwidth can be specified that will
  not be exceeded during the copy operation.
• Additionally it can
• Run as a service
• Handle authentication to http location
• Detect presence of http location to restart file
  copy
• Send status messages
• Use Task completion

7
Deploying the Advance Agent

• Deploy to Unmanaged Device
• Just like the Standard Agent
• Relies on RPCs
• Group Policy
• The small size of the agent makes this feasible
• Configure Group Policy Slow Link Threshold
• Logon Scripts
• E-Mail or media

8
LANDesk Management Gateway
9
Customer Pain Points
RFP for the State of South Carolina, one of the
key requirements was to distribute software
securely to end points over the Internet State
of South Carolina

• Need to Manage users outside of the corporation
• without Punching Holes in firewall
• Dial up connections
• are to slow, but purchasing a VPN (Virtual
  Private Network) solution is too expensive
• Distributed sites
• which due to the small size, temporary nature or
  limited local communication availability the only
  connection available is an internet link
• Management across the internet
• without compromising the security of the end
  point or my corporate infrastructure

Displace the costs of a VPN project for all 300
of their restaurants, and give them management
capability, this would easily build the case for
using LANDesk versus another tool Outback
Steakhouse
Asked if there is way to utilize the ISS pro
technology with a core server and give end point
management to nodes over DSL, and Cable modem
connections .  A 40,000 node opportunity that has
end points that require management through the
Internet cloud. Sales Opportunity Yellow Region
Most of their nodes are outside of their network
and they have been looking for this solution for
a few years, If this functionality was available
now I would have a check to give you right now
David Weekley Homes
10
How it worksExample Outlook Web Access
Personal Firewall
Perimeter Firewall
LANDesk Laptop
Personal Firewall
Perimeter Firewall
LANDesk Gateway

• Enables communication through firewalls and
  proxy servers
• Does not require a VPN infrastructure
• Brokers connections and provides authentication
• SSL encrypted

Managed Devices
11
Supported LANDesk Client Features

• Inventory gathering
• Hardware
• Software
• Software License Monitoring
• On Demand Remote Control features
• Remote Keyboard, Video, and mouse control
• File Transfer
• Chat
• Remote Execute
• Screen Draw
• Reboot

• Software distribution
• Policy based (Client pulls down jobs)
• Security functions
• Patch Management
• Spyware Management
• Security Threats
• Custom Definitions
• Blocked Applications
• LANDesk Updates
• Connection Control
• Anti-Virus Enforcement

12
Benefits

• Allows Management of devices without traditional
  network boundary restrictions
• Gives access to remote computers
• Without investing in expensive point to point WAN
  infrastructure
• Access to computers over T-1, DSL/Cable, or
  Dial-up
• Give remote devices access to LANDesks most
  popular features
• Including Remote Control, Software Distribution,
  Inventory, Software License Monitoring
• Requires minimal hardware investment

13
Business Scenario
Customer A
Request to Core server as xml sent via http
Customer B
14
Gateway Machine

• Runs on LDLinux
• LANDesks own Linux distribution based on the
  Linux 2.6 Kernel.
• Minimal Operating System
• Minimum Hardware Requirements
• P4 Processor (dual processors supported)
• 1 GB RAM
• IDE disk drive (SCSI, SATA supported. Hardware
  RAID is not supported)
• VGA Video
• High Speed NIC (100 mb or Gigabit)
• Bootable CDROM
• Keyboard (mouse not required)
• Private IP ranges and unneeded ports blocked
• Root account is disabled
• Admin account is created with strong password
  requirements
• Gateway runs as a web service
• Custom built LANDesk proprietary web service (not
  Apache).
• Configuration performed through web browser

15
Gateway Client

• Uses CBA8 Unified Pipe architecture.
• Ensures that all agents communicate using same
  processes and protocols.
• Uses an http based Proxy Host.

16
Gateway Client Secure Access

• Security is needed since Gateway is built for
  access over public network.
• Certificate based security.
• BrokerConfig.exe used to initiate authentication
  to core server through gateway.
• Once authenticated certificate from core is given
  to client.
• Certificate can be blocked if needed.

17
Core to Gateway Communication

• Uses a reverse proxy agent on Core
• Translates requests and processes them
• As though they were locally connected.
• Keeps a minimum of six connections opened
• To receive communication from the Gateway.
• Validates communication by examining client
  certificate.

18
LANDesk Software Distribution
19
Private and Public Ownership

• Packages and Delivery Methods are now organized
  with ownership similar to Queries.
• Both can be made publicly available or added to
  users by the Administrator.
• Private packages can use dependencies.
• Dependency must be a public package

20
Multiple Queries Added to Target

• Simple as dragging and dropping of queries.
• Queries are not processed till task is executed.
• Task properties will show queries in the Target
  Devices window.
• Code has been changed to ensure tasks run
  efficiently

Even though queries have been added as targets,
the list of targets is zero. This is because the
queries have not been run. Queries on run when
the task is executed.
21
Linux Distribution Packages Added

• Supports only RPM packages
• Uses a RPM command line format to install the
  packages.
• RPM files must be downloaded through a web share
  (MS/Samba shares are not supported).

22
Database Macro Parameters

• Allows you to retrieve values from the devices
  database entries and pass them as command line
  parameters.
• Useful for Distribution Packages based on Batch
  files or Executables.

23
Reporting
24
What's New in Reporting

• Redesigned from the ground up
• Integrated report design tool(Create your own
  reports using the LANDesk Report Designer)
• Reports can be filtered by user scope and
  e-mailed
• Ad-hoc reporting added

25
Types of Report

• Ad-Hoc Reports
• View as Report Option
• Standard Reports
• Cover all aspects of Management Suite
• User Defined
• Based on Inventory Query
• Report Designer Tool

26
What are Ad-Hoc Reports ?

• Ad-Hoc reports provide a snapshot
• Report contains same information as screen
• Column Sets may be applied
• No need to define a query
• Useful for producing system documentation
• Not always available
• i.e. Unmanaged Device Discovery

27
Generating Ad-Hoc Reports

• Select a Component
• Network View
• Users
• Software and Patch Manager
• etc.
• Right Click View as Report
• View the Report
• Export if desired
• Select a format such as PDF, HTML or RTF
• Print if desired

28
What are Standard Reports?

• Predefined Reports
• Built-in
• Arranged by Component
• May not be Customised
• Support Different Output Formats such as
• PDF
• HTML
• RTF

29
Working with Standard Reports

• Tools Reporting / Monitoring Reports
• Browse and select a report
• Right click and select from
• Run Generates a report now
• Publish Options for location and format
• Schedule Publish Creates a scheduled task
• Group Membership Displays other groups
  containing report
• Copy Copy a Report to Paste into another Group

30
Platform Support
31
Linux Support

• Linux Version support
• Redhat 3, SuSe 9, Mandrake 10.1
• Hardware Platforms
• X86
• LANDesk Products supporting Linux
• LANDesk Server Manager (Redhat, SuSe)
• LANDesk Management Suite (Redhat, SuSe, Mandrake)
• LANDesk Security Suite (Redhat, SuSe)
• Features
• Common Base Agent
• Remote Execute
• File Transfer
• Power Off Reboot
• Inventory
• Hardware Software
• Automated Agent Deployment
• Software Distribution
• RPM Distribution
• Patch Management

32
Mac OS Support

• Mac OS Version support
• Mac OS 9.22
• Mac OS X 10.2.x, 10.3.x, 10.4
• Hardware Platforms
• G3, G4, G5
• LANDesk Products supporting Mac OS X
• LANDesk Management Suite
• LANDesk Patch Manager
• New Features
• Mac OS X 10.4 support (Tiger)
• Safari browser supported for Web console (Tiger
  only)
• OS Deployment
• Profile migration
• Bare-metal provisioning

33
Misc
34
Role-based Administration(Active Directory
Integration)

• leverages your existing IT investment in Active
  Directory for assignment of roles (rights) in the
  Management Suite console
• No longer required to build/replicate your
  existing Active Directory structure in the
  management console users tool
• View Active Directory structures within the
  Management Suite console
• Assignment of LANDesk rights to Active Directory
  groups or organization units
• Supports rights inheritance

35
Local Account Management from LDMS Console

• Account group management for customers without
  Active Directory
• Ability to reset local passwords real-time
• Manage local users and groups with real-time
  access
• Add, rename, remove, and edit local users and
  groups
• Reset passwords
• Local account management information is
  associated with system inventory for queries
  reporting

36
Keyboard Mapping in RC

• RC machines with different Locale Setting

37
Fragen ?
Applaus !