Key Elements of Software Licensing and Compliance
April 5, 2007
At Anything4aEuro we aim to deliver what the customer wants, but what happens when the customer doesn’t really know. Start by understanding their objectives.
1. Understanding your own objectives, by this I mean are you being forced to comply with a particularly compliancy body – SOX, ITIL, ISO, FAST or are you “putting a stake in the ground” to determine the position of the organisation prior to a series of upgrades.
(1.1). When you have the objective defined, determine the requirements of the audit and gather a team to run the process. (1.2). If you are reconciling license counts then two teams should be created, The first team process paper audits, purchase histories and license certificates, the 2nd processes the physical count of licenses installed – When both teams are finished then join the teams together to build the complete picture
(1.2.1). Why two teams? And why separate? In my experience keeping the “discovery” streams separate allows each team to process the information with hinderence and getting hints of what to look for from the other. Each has to do a thorough job 1st time as essentially both teams are auditing each other
2. What are the business risks
(2.1). When you have determined your objectives (current versions and usage of software) and perhaps there is a project goal (for example: Desktop Migration and therefore upgrade up software) , for the audit, the business risks will become apparent (budget planning). In addition to the initial project goals, you may also be able to achieve other objectives from the same set of data – ITIL, SOX, ISO, FAST for example.
More and more organisations have asset management discovery systems – equally, many organisations did one audit and then never maintained their records. This information gathering exercise – before you start the engagement, ensures a level playing field at the beginning of the project.
At Anything4aEuro, we prefer to use Centennial Software’s Discovery 2006 solution.
For more information see http://www.anything4aeuro.com
Email Issues…
March 30, 2007
If you are getting SMTP smtp.secureserver.net 553 sorry, relaying denied from your location (ip_address) #5.7.1 …
GoDaddy.com support staff …. “We have examined your issue and have determined that the IP address you have submitted (xxx.xxx.xxx.xxx) does not have a valid reverse DNS entry. You will need to have these users contact their IP address provider and have them create a valid reverse DNS entry for their IP before we can submit it for unblocking. I apologize for any inconvenience this may cause.”
Centennial ITIL Solutions
March 29, 2007
Centennial Software’s Discovery 2006 is a critical component to any ITIL-based service management infrastructure, by providing total visibility of what’s on the network, from PCs and servers through network printers and switches to personally-owned IT gadgets such as PDAs, USB sticks and even MP3 players.
Total Visibility
Multi-site, multi-platform, 24*7 monitoring of all IT assets
CMDB Integration
Automatic population of CMDB with the latest information
Software Management
Automatically track software installations, usage and license entitlements
Web Reporting
In addition to feeding a CMDB, extensive asset management reports can be viewed by multiple stakeholders
With existing integrations into many ITIL compatible service management solutions, and an open, extensible architecture, Centennial Discovery is the ideal solution for maintaining an up-to-date CMDB and ensuring that all changes are accurately planned and tracked.
For more information visit http://www.anything4aeuro.com
Why do we need a standard?
March 28, 2007
First and foremost, many organisations have not taken the time to step back and review their increase in software spend over recent years. If they did, many would be surprised to learn that they now spend more each year on software than they do on hardware or even high-ticket items such as company cars.
Yet while no responsible company would allow its cars on the road without ensuring they were taxed, insured and serviced, it’s difficult to say the same for an organisation’s software inventory.
According to industry analysts such as Gartner, the average company is over-licensed on around 30 percent of their inventory and typically at least 30 percent under-licensed in other areas. And while this may sound nicely balanced, rest assured the software vendors and licensing watchdogs won’t agree! That’s why 2006 has seen record fines for non-compliance and the use of unlicensed software.
But it’s not all about compliance. Every year, organizations waste millions in purchasing additional licenses that they didn’t need – whether because they fail to re-deploy existing applications, don’t take advantage of bulk / enterprise licenses or fail to go through the proper procurement channels.
As such, the ISO 19770-1 standard for Software Asset Management is concerned with the entire lifecycle of the applications in use on your network, from purchasing to disposal. The standard sets out six key areas of best practices designed to help all types of organizations save money, reduce compliance risks and increase operational efficiencies in software management.
Another benefit of the standard is that it provides a clear set of guidelines for all parties with an interest in software management – whether it is the end user, the vendor, the supplying VAR or an industry watchdog such as the BSA, SIIA or FAST. With the 19770-1 standard now formally endorsed and published by the International Standards Organization (ISO), all parties in the chain have a common set of rules to work from, which should make it easier for everyone to set and meet software management expectations.
For more information visit http://www.anything4aeuro.com
In total, there are 27 distinct processes which make up the ISO 19770-1 framework for the ongoing effective management of software assets. While some of these elements are solely concerned with procedures that can only be managed manually, there are a number of requirements which can be met with significantly less effort if a suitable asset discovery tool is used.
The ability to accurately identify the software installed and in use (and it is important to understand the distinction between the two) on PCs and servers across the organisation is critical to meeting the standard’s requirements for ongoing software management.
In the following section, we have mapped out examples of how Discovery helps with a number of key areas from the ISO 19770-1 SAM standard and how this award-winning audit solution is critical to gathering the right ‘IT intelligence’ required to ensure your organisation makes the right decisions when managing software assets.
1. Control Environment
- Create a dynamic baseline of audit information with executive reports designed for SAM projects
- Assign assets by OU, location etc and ensure multiple stakeholders have visibility of their respective areas
- Use dynamic information to check that polices (regarding purchasing, computer use, software deployment etc.) are complied with
2. Planning and Implementation
- Use built-in wizards to plan timeframes, resources and budget for upgrades, migrations, change management and software asset management projects
- Monitor project progress and track changes to the network (hardware and software) in near real-time
- Discovery.Dashboard‘s unique web-reporting interface enables critical asset information sharing across multiple IT and business professionals within an organisation
- Promote best practice procedures across all areas of the organisation
3. Inventory
- Build an accurate inventory of all software and hardware across servers, desktops, laptops
- Ongoing visibility of IT assets and their usage
- Identify the location of IT assets and visualise your estate using Discovery.Visual, which presents all discovered assets in a visual format
- Provide a focal point to monitor and control IT procurement practices
4. Verification and compliance
- Identify unknown applications, their market name, publisher and licensable status with Discovery.Portal
- Perform gap analysis for over and under-licensed products
- Be alerted to software vulnerabilities with Security Advisor
5. Operations Management
- Understand software licensing position to help renegotiate SLAs with software and hardware vendors
- Automatically reconcile licenses bought to software assets discovered on the network
- Central repository of asset information, implementation and service delivery
- Facilitate IT budget allocation, cross billing amongst different departments and manage procurement processes
- Set a common security policy for the management of IT assets
6. Life Cycle
- Track assets from purchase to disposal
- Establish visibility of different software versions deployed into the network
- Re-harvest unused/unwanted assets to other areas of the business
- Plan and monitor application, OS and patch deployments
- Provide comprehensive data that can be used to populate third party help desk solutions for problem/incident management
- Integrate live asset information into Problem Management and Helpdesk tools
Beyond ISO 19770-1
While many organisations will be tempted to view SAM as a distinct or even one-off project, it is important to understand the long-term benefits of the business practices and technologies involved in effective software management.
In terms of the chosen Discovery tool, it is important that firms maximize the ROI of the initial project by continuing to have a full and up-to-date view of the network, even after the initial SAM engagement is complete. By maintaining a dynamic audit, it is far easier for managers to prevent the organization falling out of compliance, over-purchasing unnecessary licenses and losing control over what’s on the network.
And while a SAM project is concerned primarily with the software on the network, Centennial Discovery also gives multiple stakeholders across the enterprise invaluable information about the state of the hardware estate – from a simple device-by-device view of configuration through to more complex queries about build compliance, platform deployment and detailed upgrade wizards.
For more information please contact http://www.anything4aeuro.com
Fault Tolerance vs Budget
March 26, 2007
Customer: “I need my SQL server up 24 hours a day”
Consultant: “You need a failover cluster, so all you need is a replica of the machine you have now and a few other bits and you’re done!”
Customer: “I can’t afford that much!”
In today’s competitive marketplace it is imperitive for organisations to have their data available at minimum during the operational hours of the office. Larger organisations, internationals, will need extended operational hours to cope with the timezone differences. But do organisation truly require 24×7, or would better designed application and application servers be the solution.
Firstly here, we explore the 24×7 scenario or atleast 99.5% availability (this gives you about 51 weeks a year availability), ultimately five nines (99.999%) is your target but will your Finance Director give you the budget!
Microsoft SQL Server 2000 and latterly 2005 implemented features to improve the availability of your DB environment. High Availability and Fault Tolerance, whichever way you look at them are more closely related than Mother and Child.
Fault-Tolerance is the mechanical mechanism to decrease the single point of failure in a system but introducing second or third points for example RAID, Power Supplies, Network Card, Disk Controllers. Five Nines is achievable.
This is where customers, generally, misunderstand their requirements
- Understand your availability requirements. Is it 9am to 5pm , or 6am to 10pm
- Evalute the available solutions
- Match solution to budget, or alter budget
- Document the recovery procedures
High Availability is NOT the availability of the server hardware, that has been covered by Fault Tolerance. High Availability is the operating system and the SQL environment. Here, you have Active-Active or Active-Passive – Either way understanding the technical merits of Log Shipping, Database Mirroring, Fail-over Cluster etc.
Clustering or database mirroring provides
- Near continuous data availability with minimal downtime caused by hardware or software failure
- Fast turnaround time for the recovery of server failures and resume services without having to wait for database repairs on a failed mode
- Avoids natural, electrical or human disasters!
Availability Matrix
- If your system availability requires 99.5% you can lose 44 hours a year!
- If your system availability requires 99.9% you can lose 9 hours a year!
- If your system availability requires 99.999% you can lose 5 minutes a year!
Oh but the application might be badly written and not know who to recover from a node failure, so test your application in chosen Fault Tolernance / High Availability configuration BEFORE you blow your budget!
Asset Management and Software Licensing
March 23, 2007
How many organisations profess to having Asset Management including Software Licensing “under control” and should they go for “best of breed” solutions glued together (somehow) or a one-vendor-does-all framework solution?
You Do Need Centennial Discovery….
March 22, 2007
“Microsoft launches licensing crackdown “
Source: Silicon.com, 30th January 2007
FACT 1: Microsoft, Adobe and other software vendors are increasing customer audits in 2007
FACT 2: The average corporate PC hosts more than £200 of unlicensed software*
FACT 3: End users who proactively self-audit negotiate better settlement figures
FACT 4: Discovery automatically audits the entire network for software installations and usage
Did you know that in many cases, the vendors will agree a lower settlement figure with an end user that proactively audits their own estate, compared with an organization that waits for a forced audit.
Taking the initiative on software management is easier than you think. Forget clipboards and teams of auditors. All you need is a proactive asset discovery tool like Centennial Discovery, which will automatically find and recognize all software on the network, combined with a little software licensing expertise from Anything4aEuro.
Together, we’ll put you firmly in the driving seat when it comes to managing your IT assets.
Friendly fire mixup: MS identifies Windows as Mac
March 22, 2007
Updated In what might be described as a “Friendly Fire” incident, Microsoft software has identified a copy of Windows as a hostile operating system – belonging to enemy Apple forces.
The host software, Virtual PC 2007, promptly disabled the intruder.
It’s not the first time Microsoft has incorrectly identified its own software (full story . http://www.theregister.co.uk/2007/03/09/friendly_fire_virtual_pc/)
Oops! Should have used Centennial Discovery!
Efficiencies in Software Management
April 5, 2007
I don’t believe there are efficiencies in Software Management – After all, an organisation is in business to make money and regulatory red-tape forces and organisations to spend money on non-business (money generating) activities like software management. However, saying that I believe the following go some way to achieving degrees of efficiency:
Most importantly, Software Management is ongoing, it should be recognised as a corporate management task and should be budgeted for accordingly – after all you could end up saving money for the organisation.
Solutions like SMS are reasonably good at determining how many packages are being deployed, other off the shelf solutions can discover with some accuracy.
Anything4aEuro are experts in Centennial Software’s Discovery 2006 solutions – From implementation, designing reports, training and ensuring your, the customer, get what you need.
Filed in General Comments