Endpoint management is more of an art than a science and creates challenges for IT managers, as well as end users. For most, effective endpoint management can reduce help desk calls, increase productivity and lower operating costs, but only if done correctly. The problem with attaining that level of correctness is that endpoints are fluid in nature because they respond to changes in software environments, user modifications, and constant patching and updating.
Simply put, the DNA of an endpoint changes from day to day, and it is about to get worse. How so? Endpoints are evolving at lightning speed, changing not only how they are used to consume data, but also how they use hardware and software. It all comes down to the arrival of new devices and operating systems into corporate environments, be it iPads, iPhones, Android-powered devices, Windows tablets or Linux-powered PCs. The only constant here seems to be change.
Add to that the proliferation of desktop virtualization technologies, and you can have a real recipe for disaster. Today, end users are running multiple OSes and devices, thanks to multiboot and virtualization technology. Users expect to be able to transition from their corporate desktops to mobile devices to their home PCs seamlessly and without interruption -- an almost impossible task.
In many enterprises, IT needs to support multiple operating systems. Desktop PCs probably use Windows, iPads may use IOS, netbooks use Linux, and smartphones often rely on Android. For most administrators, they first have to figure out how to make programs work across these disparate OSes. That problem is being solved by the growing population of Web-based apps, where the browser on the device becomes the operating system for the application. With few exceptions, such as Adobe Flash, most applications can be co-developed for Web use under Ajax, reducing the impact of different OSes across endpoints.
The cross-platform enablement of applications gives end users more freedom of choice in the devices they can use to run apps. This practice, however, can further fragment the OS environment on endpoints in an organization, add to the management nightmare and increase support costs significantly.
Unfortunately, IT managers can't just ignore endpoints and make them the responsibility of the end users. The endpoint remains a corporate asset and is expected to deliver a level of productivity that meets business needs. Simply put, IT must manage such assets to ensure usability, maintain security and meet line-of-business objectives.
Streamline endpoint management
So how can IT create a fluid endpoint environment yet maintain static controls for access, security and reliability? There are technologies that can tame that management beast, but choosing what works best for a particular set of circumstances can be a complex endeavor. The trick is to know what to look for.
To select the best tool set for your organization, make sure that any endpoint that attaches to the corporate network is secure, patched, compatible and manageable.
There are two very different paths to those goals. The first path involves alternative OSes and virtualization, more specifically a virtual desktop infrastructure (VDI). With VDI, all endpoint activity actually takes place on a virtual desktop in the data center, turning the physical endpoint into little more than a dumb terminal.
VDI offers many advantages, but it still has requirements that may make it a less-than-ideal solution. First and foremost is endpoint support. For example, some virtual desktop technologies work only with a limited set of endpoints, a VDI client may not exist for a particular device, or a device's OS might not be able to successfully connect to a VDI session.
In addition, virtual machines themselves still need to be managed. Most VDI packages come with tools to manage and assemble virtual desktops as needed, simplifying deployment. Other packages may require third-party applications to enable those management capabilities.
Finally, VDI can come at a very high cost. To effectively deploy VDI, significant investments in infrastructure, storage and processing capabilities are needed. After all, running hundreds of virtual desktops takes some muscle.
For the reasons above, most admins will pursue alternatives to VDI, including endpoint (or lifecycle) management. There are literally dozens -- if not hundreds -- of products to choose from. Here are several pointers to narrow the field and attain management nirvana.
When evaluating an endpoint management offering, it should include several capabilities:
- Policy-based management: IT should create policies to control access and how endpoints are configured.
- Patch management: The product should be able to apply patches and upgrades to the managed endpoints.
- Security: The package should validate the security posture of the connecting endpoint and remediate it if it does not meet security policies.
- Multiple OS support: The solution should support all OSes authorized for the IT environment.
- Application deployment: The ability to push applications down to the endpoint is critical.
- Inventory: Automated inspection and tallying of hardware, software and licenses is a critical management capability.
- Backup: The ability to protect the endpoints from data loss simplifies disaster recovery tasks.
- Reporting: Specialized and customizable reports simplify management.
- Remote control: This option can ease help desk chores and better support the end user.
An endpoint management package that includes these elements can bring simplicity to an environment with multiple OSes. This alternative to VDI can also reduce the operating costs and the support requirements for almost any IT department.
ABOUT THE AUTHOR
Frank Ohlhorst is an IT journalist who has also served as a network administrator and applications programmer before forming his own computer consulting firm.
This was first published in June 2011