Enterprise User Manual

Chapter 10

Software Asset Management

---

Software Asset Management is a powerful set of integrated features that enable you to plan and control the rollout of software to your users, and to monitor software usage throughout your organization. You can use it to help manage software requirements across the network, to control your organization's spending by monitoring license usage, and to identify the use of prohibited or illegal software.

Package Policy Manager

Package Policy Manager is designed to help you plan and control what software packages are installed on your network, and to regulate where the packages can be installed. By identifying Groups of PCs and the software that can, must and must not be installed on them, it gives you the ability to analyze the key applications needed by the various people and departments, and to predict and manage software licensing across your organization.

Planning Your Software Distribution

To use Package Policy Manager, you must first define the package policies that Enterprise will use to analyze the software distribution within your organization. Each package policy has two components:

• A set of Clients that have the same asset requirements.
• A set of rules that identify software that is mandatory, optional and prohibited for the specified PCs.

This approach enables you to create policies that can be used to specify the software required by departments and areas within your organization. It also enables you to create policies that identify the Groups and Clients where specific packages can be installed.

For example, you can create a packages policy that specifies all PCs in the Sales department must have access to MS Office but that access to Internet Explorer is prohibited. Similarly, a package policy can specify that all PCs within your organization must have a specific version of a virus scanner.

You can use a mixture of both of these package management methods in the way that best suits your organization's requirements.

To create a package policy:

1. In the Console, click the Specify Package Policies Operation. The Package Policy Manager is displayed.
2. In the Package Policy Manager, select the Policies tab, then choose Add Package Policy in the Edit menu. The Package Policy Details dialog is displayed.
3. In the Name field, type a name for the new policy and click the OK button.

You can create an unlimited number of package policies.

Adding Clients to a Package Policy

You can assign Clients to a Package Policy either as individually or as part of Client Groups. Clients can belong to an unlimited number of Package Policies either as individuals or as members of Groups.

To add Clients to the package policy:

1. In the Tree View, expand the package policy you want to update.
2. Select the Clients or Groups you want to update.
3. Choose Add Client in the Edit menu. The Add Clients dialog is displayed.
4. In the Add Clients dialog, select the entries you want to add to the policy. (To select more than one entry, press the Control or Shift key as you click each entry.)
5. Click the OK button to add your selections to the policy.

To remove Clients from a package policy:

1. In the Tree View, expand the package policy you want to update.
2. Select the Clients entry if you want to remove individual Clients from the policy, or select Groups if you want to remove Client Groups.
3. In the List View, right-click the entry you want to remove, and choose Remove form the shortcut menu.

Adding Packages to a Package Policy

Package Policies can be used to control the installation of specific applications (for example, you can define a package policy to specify that all Client PCs must have a specific virus checker installed), or you can use them to specify what software is required by specific Clients (such as identifying what software is required by all Client PCs used by the Engineering department).

To add packages to a package policy:

1. In the Tree View, expand the package policy you want to update.
2. Double-click the Packages entry and select the option to which you want add a software package. For example, if you want to specify that a software package must not be installed on PCs in this policy, select Prohibited.

The List View displays the packages that are currently assigned to the option.

3. Choose Add Package in the Edit menu. The Add Packages dialog is displayed.
4. In the Add Packages dialog, select the package you want to add to this option. (To select more than one entry, press the Control or Shift key as you click each entry.)
5. If you want to specify a particular release of the software for this policy, type the version number in the Version field. You must enter the version number in same format as used in the Packages Database.

   You can specify a version only when one package is selected.

6. Click the OK button. The package is displayed in the List View.

   For more information on adding software to the list of packages recognized by Enterprise, see "Adding and Modifying Package Details".

To remove packages from a package policy:

1. In the Tree View, expand the package policy you want to change.
2. Select the policy option that you want to remove a package from. The packages assigned to the option are displayed in the List View.
3. In the List view, right-click the package you want to remove, and choose Remove from the shortcut menu.

Checking Policy Conformance

When you have created one or more package policies, you can use the Package Policy Manager to check how well your PCs conform to your policy specifications. Before running the Analyzer, you must run an Update Software Inventory Operation on the PCs you want to check.

To check the Software Inventory Results, right-click a Client in a Groups folder and choose Software Details from the shortcut menu.

To view the results of a package analysis:

1. Choose the Run Analysis in the Tools menu of the Package Policy Manager.
2. In the Tree, select the Compliance tab. This contains a series of reports on the compliance status of software on your Client PCs.
3. Click the Yes button in the confirmation message, and, when the Analyzer has finished, click the report you want to view. The results of the analysis are displayed in the List View.

You can manipulate the contents of the List View in the following ways:

• To resize a column, click the right edge of the column heading and drag the divider.
• To display the full contents of a column, double-click its right edge.
• To sort the items in the List View by a category, click the column heading.

Understanding the Compliance Reports

The Compliance Tree contains a series of reports that you can use to check on how well your Client PCs conforms to your package policies.

Bad Versions

lists Clients where the wrong version of the specified package is installed if your package policies specify particular versions of software.

Installed & Authorized

lists Clients where mandatory and optional packages are installed and allowed by a package policy. If you have specified particular versions of software for a package policy, this report also lists any Clients that have the wrong version of the specified package.

Installed OK

lists Clients where mandatory and optional packages are installed and allowed by a package policy. If you have specified particular versions of software for a package policy, this report lists only those Clients where the correct version of the package is installed.

Managed Clients

contains a compliance report for each Client that belongs to a package policy. These reports enable you to see the compliance information from all package policies that apply to each Client.

Managed Packages

contains a report for each software package that is assigned to at least one package policy. Use it to view all the Clients where this software is currently installed.

Missing Mandatory Packages

lists Clients where a mandatory software package is not currently installed.

Not Authorized Packages

lists packages that are included in package policies, but which are installed on Clients where they are not authorized by a specific policy.

Policies contains reports that provide a breakdown of the software compliance by package policy. Each report lists the software installed on all Clients that belongs to the selected policy.

Prohibited Packages

lists Clients where a prohibited software package is installed.

Unmanaged Clients

lists Clients that are not included in any package policy.

Unmanaged Packages

contains reports that list software packages which are installed on one or more Clients, but which are not included in any package policies. To display the Clients on which the software is installed, click each report.

When a policy contains only non-mandatory packages that are not installed on any Client, the policy is not displayed.

Color Coding

Compliance reports use the following colors to identify the compliance status of software packages:

Red

the package is prohibited, but installed.

Black

the package is unmanaged (it is installed, but not assigned to any package policy).

Purple

the package is mandatory, but not installed.

Orange

the wrong version of the package is installed.

Green

the package is optional or mandatory and is installed.

Blue

the package is unauthorized because no policy is currently specified for the installation of the package on this Client.

Creating Groups in Package Policy Manager

You can create Client Groups from the contents of the Analyzer's list views, and then use them to investigate policy exceptions, or as the basis for new package policies. For example, if your network includes several Clients where an unmanaged package is installed, you can use this option to create a Group from the Clients and then apply a policy to that Group.

To create a Group:

1. In the Compliance Tree, select the report from which you want to create a Group.
2. In the Compliance List, select the Clients you want to add to the Group.
3. Choose Make Fixed Group in the Edit menu. The Create a New Fixed Group dialog is displayed.
4. In the Create a New Fixed Group dialog, type a Name for the Group and a Comment if required, then click the OK button.

The Group is now available in the Console and the Package Policy Tree.

Package Policy Log File

Package Policy Manager includes a logging facility that enables you to view the details of a policy analysis and search for potential problems, such as conflicting package policies or database problems. By default, no logging file is created.

To create a log file:

1. Choose Options in the Tools menu. The Global Options dialog is displayed.
2. In the Reporting Log Type list, select the type of log file you want to create:

Silent creates no log information.

Debug lists the Clients being processed.

Verbose lists the Clients and the names of packages being processed. It also identifies any policy conflicts such as when a software package is identified as both prohibited and mandatory for the same Client.

All lists the Verbose information, plus the managed status of each package.

3. By default, the log file is named PPM_Log.TXT and saved in the PC-Duo Enterprise Data\Logs directory. If you want to create a different log file, type a name for the new file in the Log File field.
4. Click the OK button to save your changes and close the dialog. The information is appended to the specified log file the next time you run the Run Analysis command.

Selecting Databases

By default, Package Policy Manager works with and saves its results to the current Site Database. However, if your organization maintains multiple site databases, you can choose the database you want to work with.

To select a Site Database:

1. In the Package Policy Manager, choose Tools in the Options menu. The Global Options dialog is displayed.
2. In the Database field, type the DSN of the database you want to work with.
3. Click the OK button to close the dialog and load the package policy information for the new database.

To exit the Package Policy Manager:

When you have finished your analysis, choose Exit in the File menu.

Software Metering

While Package Policy Manager monitors and regulates the software that is installed on your network, Software Metering gathers and analyzes data on what software packages are actually in use. When running on Client PCs, Software Metering enables you to monitor where software is being used, who is using it and the length of time it is used for. You can then use Enterprise's pre-defined reports to identify and predict software usage requirements across your organization and to control your software licensing costs by spotting packages that are rarely or never opened.

Enterprise collects and analyzes software- metering data in a three process:

Software Metering Agents

Metering Agents run on each Client and collect raw data on what software is being used and how long it is used for. Agents poll the Client at a user-defined frequency (every 10 seconds, by default) and take a snapshot of all applications that are currently open. They also copy the metering data to the Client's Offline Area at an interval specified in LUCLIENT.INI. For more information, see "Controlling Client Behavior".

Collation

Collation is run offline by a Scheduler. The Collation Job collects software-metering data from each Client's Offline Area and saves it to the Site Database where it can be viewed using the Software Activity Details report. It can also remove old metering data from the Site Database and the Clients' Offline Areas.

By default, the Collation Job is run by one Scheduler at 23:00 each day. However, it can be rescheduled from the Console's Jobs View (see "Schedulers") and, for large networks, it can be spread across multiple Schedulers (see "Configuring Software Metering").

Summarizing

The Summarizer Job further amalgamates the software-metering data from the Collator. It calculates the total length of time for which each Client has used each software package over the previous 24-hour period by interpolating between each snapshot. The data is then used to produce software usage reports, such as the Software Total Users by Day report. By default, the Summarizer runs at 01:00 each day on the same Scheduler as the Collator.

Enabling and Disabling Software Metering

Software Metering is automatically enabled when you first install Enterprise. Use the following procedure to stop or restart the collection and analysis of metering data.

To enable or disable software metering analysis:

1. Click Software Metering Settings in the Console's Software Metering folder.
2. In the Software Metering Settings dialog, deselect the Enable software metering check box.

You can restart metering at any time by opening the Software Metering Settings dialog, and reselecting the Enable software metering check box.

Configuring Software Metering

By default, the software-metering data of all Client PCs is collated and purged by one Scheduler. However, because this Job can take up a significant amount of time and disk space when you have a large network with many Clients, you can spread the work amongst several Schedulers and control how long the collation data is saved for.

To distribute the software metering workload:

1. Click Software Metering Settings in the Software Metering folder. The Software Metering Settings dialog is displayed.
2. In the Select a host to set its offline areas list, select the Scheduler that is currently running the Collator and deselect all the entries in the Select offline areas for the host list. (By default, all Offline Areas are assigned to the first entry in the Select a host to set its offline areas list.)
3. For each Scheduler you want to assign work to:
   1. In the Select a host to set its offline areas list, select the Scheduler.
   2. In the Select offline areas for the host list, select the Offline Areas that you want the selected Scheduler to collect metering data from.

      If you want to assign all Offline Areas to the selected Scheduler, select the Assign all offline areas to this host check box.

4. If you want to change the Scheduler responsible for summarizing the software-metering data, select another entry in the Which host runs the summarizer list. (Because it works with all the metering data, the Summarizer can be assigned to only one Scheduler for the whole Site.)

To change the frequency at which metering data is deleted:

1. In the Software Metering Settings dialog, select the Enable purging of software metering Client data and database check box.
2. In the Purge Client data after how many days field, enter the number of days for which you want to keep the raw metering data.
3. In the Purge collation database after how many days field, enter the number of days for which you want to keep the collated metering data.

Software Metering Logs

Software Metering includes a logging facility that enables you to view the details of the Collator and Summarizer Jobs that are used to produce the Software Metering reports. The information is recorded in COLLATOR.LOG and SUMMARIZER.LOG in the PC-Duo Enterprise Data\Logs directory.

To choose a logging option:

1. Click Software Metering Settings in the Software Metering folder. The Software Metering Settings dialog is displayed.
2. In the Software Metering Settings dialog, select a Logging option. Choose:

No Logging To record no logging information (the default setting).

Log Errors To record all errors found during the Collator and Summarizer Jobs.

Log errors and additional information To record all errors found during the Collator and Summarizer Jobs, plus extra information on the scope of the metering data collected, such as each Client processed and excluded data.

3. Click the OK button to save your changes and close the dialog. The data is appended to the log files when the Collator and Summarizer Jobs are next run.

Customizing Software Metering

When Enterprise is first installed, Software Metering monitors the usage of all software on all Client PCs across the network. Use this feature to omit specific applications from the software metering reports, or to omit all the applications started from a specific directory.

For example, if you are not interested in where Notepad is being used or how long it is being used for, Software Metering Exclusions enable you to remove all notifications of its use from your metering reports.

To prevent metering of applications started from a particular directory:

1. Click Software Metering Exclusions in the Software Metering folder.
2. In the Software Metering Exclusions dialog, select the Exclude directories from software metering check box.
3. In the entry field, type the name of the directory you do not want to meter.
4. Click to add the directory to the list of exclusions.
5. Click the OK button to save your changes and close the dialog.

To prevent metering of a specific application:

1. Click Software Metering Exclusions in the Software Metering folder.
2. In the Software Metering Settings dialog, select the Exclude applications from software metering check box.
3. In the entry field, type the name of the executable you do not want to meter.
4. Click to add the application to the list of exclusions.
5. Click the OK button to save your changes and close the dialog.

You can use the asterisk (*) character as a wildcard in directory and package names. For example:

• \WIN* omits any directories (and subdirectories) that are in the root directory of any PC and which start with the letters WIN.
• WIN* omits any directories at any level which start with the letters WIN.
• *WIN omits any directories that contain the letters WIN.
• Windows\* omits any subdirectories of any Windows directory.

Vector Networks http://www.vector-networks.com Voice: +44 (0) 1827 67333 Fax: +44 (0) 1827 67068 info@vector-networks.co.uk