Chapter 11

Software Asset Management

Software Asset Management is a powerful set of integrated features that enable you to plan and control the rollout of software to your users, and to monitor software usage throughout your organization. You can use it to help manage software requirements across the network, to control your organization's spending by monitoring license usage, and to identify the use of prohibited or illegal software.

Package Policy Manager

Package Policy Manager is designed to help you plan and control what software packages are installed on your network, and to regulate where the packages can be installed. By identifying groups of PCs and the software that can, must and must not be installed on them, it gives you the ability to analyze the key applications needed by the various people and departments, and to predict and manage software licensing across your organization.

Planning Your Software Distribution

To use Package Policy Manager, you must first define the package policies that LANutil will use to analyze the software distribution within your organization. Each package policy has two components:

• A set of clients and nodes that have the same asset requirements.
• A set of rules that identify software that is mandatory, optional and prohibited for the specified PCs.

This approach enables you to create policies that can be used to specify the software required by departments and areas within your organization. It also enables you to create policies that identify the groups and PCs where specific packages can be installed.

For example, you can create a packages policy that specifies all PCs in the Sales department must have access to MS Office but that access to Internet Explorer is prohibited. Similarly, a package policy can specify that all PCs within your organization must have a specific version of a virus scanner.

You can use a mixture of both of these package management methods in the way that best suits your organization's requirements.

To Create a Package Policy:

1. In the LANutil Console, double-click the Package Policy Manager operation. The Package Policy Manager window is displayed.
2. In the Package Policy Manager window, select the Policies tab, then choose the Edit, Add Package Policy menu command. The Package Policy Details dialog is displayed.
3. In the Name field, type a name for the new policy and click the OK button.

   You can create an unlimited number of package policies.

Adding Clients to a Package Policy

You can assign Clients to a Package Policy either as individual nodes or as part of Client groups. Clients can belong to an unlimited number of Package Policies either as individuals or as a member of one or more groups.

To add clients to the package policy:

1. In the Tree View on the left of the Package Policy Manager window, expand the package policy you want to update.
2. Select the Nodes or Groups entry that you want to update.
3. Choose the Edit, Add Client menu command. The Add Clients dialog is displayed.
4. In the Add Clients dialog, select the entries you want to add to the policy. (To select more than one entry, press the Control or Shift key as you click on each entry.)
5. Click the OK button to add your selections to the policy.

To remove clients from a package policy:

1. In the Tree View of the Package Policy Manager window, expand the package policy you want to update.
2. Select the Nodes entry if you want to remove individual clients from the policy, or select Groups if you want to remove client groups.
3. In the List View, right-click on the entry you want to remove, and choose Remove in the shortcut menu.

Adding Packages to a Package Policy

Package Policies can be used to control the installation of specific applications (for example, you can define a package policy to specify that all Client PCs must have a specific virus checker installed), or you can use them to specify what software is required by specific Clients (such as identifying what software is required by all Client PCs used by the Engineering department).

To add packages to a package policy:

1. In the Tree View of the Package Policy Manager window, expand the package policy you want to update.
2. Double-click on the Packages entry and select the option to which you want add a software package. For example, if you want to specify that a software package must not be installed on PCs in this policy, select Prohibited.

   The List View displays the packages that are currently assigned to the option.

3. Choose the Edit, Add Package menu command. The Add Packages dialog is displayed.
4. In the Add Packages dialog, select the package you want to add to this option. (To select more than one entry, press the Control or Shift key as you click on each entry.)
5. If you want to specify a particular release of the software for this policy, type the version number in the Version field. You must enter the version number in same format as used in the Packages Database.

   You can specify a version only when one package is selected.

6. Click the OK button. The package is displayed in the List View.

   For more information on adding software to the list of packages recognized by LANutil, see "Adding and Modifying Package Details" on page 76.

To remove packages from a package policy:

1. In the Tree View of the Package Policy Manager window, expand the package policy you want to change.
2. Select the policy option that you want to remove a package from. The packages currently assigned to the option are displayed in the List View.
3. In the List view, right-click on the package you want to remove, and choose Remove in the shortcut menu.

Checking Policy Conformance

When you have created one or more package policies, you can use the Package Policy Manager to check how well your PCs conform to your policy specifications. Before running the Analyzer, you must run a Software Inventory (Publish) scan on the network.

To check the contents of the Software Inventory Results database, right-click a Node in the Console's Nodes list and choose Software Details from the shortcut menu.

To view the results of your package analysis:

1. Choose the Tools, Run Analysis menu command in the Package Policy Manager window.
2. In the Tree, select the Compliance tab. This contains a series of reports on the compliance status of software on your network.
3. Click the Yes button in the confirmation message, and, when the Analyzer has finished, click on the report you want to view. The results of the analysis are displayed in the List View.

You can manipulate the contents of the List View in the following ways:

• To resize a column, click on the right edge of the column heading and drag the divider.
• To display the full contents of a column, double-click on its right edge.
• To sort the items in the List View by a category, click on the column heading.

Understanding the Compliance Reports

The Compliance Tree contains a series of reports that you can use to check on how well your network conforms to your package policies.

Bad Versions

If your package policies specify particular versions of software, this report lists any clients where the wrong version of the specified package is installed.

Installed & Authorized

This report lists all clients where mandatory and optional packages are installed and allowed by a package policy. If you have specified particular versions of software for a package policy, this report also lists any clients that have the wrong version of the specified package.

Installed OK

This report lists all clients where mandatory and optional packages are installed and allowed by a package policy. If you have specified particular versions of software for a package policy, this report only lists clients that have the correct version of the specified package installed.

Managed Nodes

This section contains a software compliance report for each client that belongs to a package policy. These reports enable you to see the compliance information from all package policies that apply to each client.

Managed Packages

This section contains a report for each software package that is assigned to at least one package policy. Use it to view all the clients where this software is currently installed.

Missing Mandatory Packages

This report lists all clients where a mandatory software package is not currently installed.

Not Authorized Packages

This report lists packages that are included in package policies, but which are installed on clients where they are not authorized by a specific policy.

Policies This section contains reports that provide a breakdown of the software compliance by package policy. Each report lists the software installed on all clients that belongs to the selected policy.

Prohibited Packages

This report lists all clients where a prohibited software package is installed.

Unmanaged Nodes

This report lists all clients that are not included in any package policy.

Unmanaged Packages

This section contains reports that lists software packages that are installed on one or more clients, but not included in any package policies. To display the clients on which the software is installed, click on each report.

Note that when a policy only contains non-mandatory packages that are not currently installed on any Client, the policy does not appear in the Compliance tab.

Color Coding

Compliance reports use the following colors to identify the compliance status of software packages:

Red

the package is prohibited, but installed.

Black

the package is unmanaged (it is installed, but not assigned to any package policy).

Purple

the package is mandatory, but not installed.

Orange

the wrong version of the package is installed.

Green

the package is optional or mandatory and is installed.

Blue

the package is unauthorized because no policy is currently specified for the installation of the package on this client.

Creating Groups in Package Policy Manager

You can create client groups from the contents of the Analyzer's list views, and then use them to investigate policy exceptions, or as the basis for new package policies. For example, if your network includes several clients where an unmanaged package is installed, you can use this option to create a group from the clients and then apply a policy to that group.

To create a group:

1. In the Compliance Tree view, select the report from which you want to create a group.
2. In the Compliance List view, select the clients you want to add to the group. (To select more than one client, press the Control or Shift key as you click on each entry.)
3. Choose the Edit, Make Fixed Group menu command. The Create a New Fixed Group dialog is displayed.
4. In the Create a New Fixed Group dialog, type a Name for the group and a Comment if required, then click the OK button.

   The group is now available in the Console and the Package Policy Tree.

Package Policy Manager Log File

Package Policy Manager includes a logging facility that enables you to view the details of a policy analysis and search for potential problems, such as conflicting package policies or database problems. By default, no logging file is created.

To create a Package Policy Manager log file:

1. Choose the Tools, Options menu command. The Global Options dialog is displayed.
2. In the Reporting Log Type list, select the type of log file you want to create:

   Silent creates no log information.

   Debug lists the clients being processed.

   Verbose lists the clients and the names of packages being processed. It also identifies any policy conflicts such as when a software package is identified as both prohibited and mandatory for the same Client.

   All lists the Verbose information, plus the managed status of each package.

3. By default, the log file is named PPM_Log.txt and saved in the LANutil32 Suite directory. If you want to create a different log file, type a name for the new file in the Log File field.
4. Click the OK button to save your changes and close the dialog. The information is appended to the specified log file the next time you run the Run Analysis command.

Selecting Databases

By default, Package Policy Manager works with and saves its results to the Console's currently selected database. However, if your organization maintains multiple site databases, you can choose the database you want to work with.

To select a database:

1. In the Package Policy Manager window, choose the Tools, Options menu command. The Global Options dialog is displayed.
2. In the Database field, type the DSN of the database you want to work with.
3. Click the OK button to close the dialog and load the package policy information for the new database.

To Exit the Package Policy Manager

When you have finished your analysis, choose the File, Exit menu command.

Software Metering

While Package Policy Manager monitors and regulates the software that is installed on your network, Software Metering gathers and analyzes data on what software packages are actually in use. When installed and running on Client PCs, software metering enables you to monitor where software is being used, who is using it and the length of time it is used for. You can then use LANutil's pre-defined reports to identify and predict software usage requirements across your organization and to control your software licensing costs by spotting packages that are rarely or never opened.

Software metering is carried out by three processes:

Software Metering Agents

Metering Agents run on each Client and collect raw data on what software is being used and how long it is used for. Agents poll the Client at a user-defined frequency (every 10 seconds, by default) and take a snapshot of all applications that are currently open. They also copy the metering data to Client's Offline Area at an interval specified in LUCLIENT.INI. For more information, see "Controlling Client Behavior" on page 30.

Collation

Collation is run offline by a LANutil Scheduler. The Collation Job collects software metering data from each Client's Offline Area and saves it to the Site Database, where it can be viewed using the Software Activity Details report. It can also remove old metering data from the Site Database and the Clients' Offline Areas.

By default, the Collation job is run by one scheduler at 23:00 each day. However, it can be rescheduled from the Console's Jobs View (see "Scheduling Operations as Jobs" on page 36) and, for large networks, it can be spread across multiple schedulers (see "Configuring Software Metering").

Summarizing

The Summarizer Job further amalgamates the software metering data from the Collator and calculates the total length of time that each node has used each software package over the previous 24-hour period, and then interpolating between each snapshot. The data is then used to produce software usage reports, such as the Software Total Users by Day report. By default, the Summarizer runs at 01:00 each day on the same scheduler as the Collator, but it can be rescheduled, or moved to another PC.

Enabling and Disabling Software Metering

Software Metering is automatically enabled when you first install LANutil. Use the following procedure to stop or restart the collection and analysis of metering data.

To enable or disable software metering analysis:

1. In the Console, select the Site, Software Metering menu command.
2. In the Software Metering Settings dialog, uncheck the Enable software metering box.

   You can restart metering at any time by opening the Software Metering Settings dialog, and rechecking the Enable software metering box.

Configuring Software Metering

By default, the software metering data of all Client PCs on the network is collated and purged by one scheduler. However, because this Job can take up a significant amount of time and disk space when you have a large network with many Clients, you can spread the work amongst several schedulers and control how long the collation data is saved.

To distribute the software metering workload:

1. In the Console, select the Site, Software Metering menu command to open the Software Metering Settings dialog.
2. In the Select a host to set its offline areas list, select the Scheduler which is currently running the Collator and deselect all the entries in the Select offline areas for the host list. (By default, all Offline Areas are assigned to the first entry in the Select a host to set its offline areas list.)
3. For each scheduler you want to assign work to:
   1. In the Select a host to set its offline areas list, select the scheduler.
   2. In the Select offline areas for the host list, select the Offline Areas that you want the selected scheduler to collect metering data from.
4. If you want to change the scheduler that is responsible for summarizing the software metering data, select another entry in the Which host runs the summarizer list. (Because it works with all the metering data, the Summarizer can be assigned to only one scheduler for the whole Site.)

To change the frequency at which metering data is deleted:

1. In the Software Metering Settings dialog, check the Enable purging of software metering client data and database box.
2. In the Purge client data after how many days field, enter the number of days for which you want to keep the raw metering data.
3. In the Purge collation database after how many days field, enter the number of days for which you want to keep the collated metering data.

Software Metering Logs

Software Metering includes a logging facility that enables you to view the details of the Collator and Summarizer Jobs that are used to produce the Software Metering reports. The information is recorded in COLLATOR.LOG and SUMMARIZER.LOG and stored in the LANutil directory.

To choose a logging option for Software Metering:

1. In the Console, select the Site, Software Metering menu command to open the Software Metering Settings dialog.
2. In the Software Metering Settings dialog, select a Logging option. Choose:

   No Logging To record no logging information (the default setting).

   Log Errors To record all errors found during the Collator and Summarizer jobs.

   Log errors and additional information To record all errors found during the Collator and Summarizer jobs, plus information on each node processed, excluded data and so on.

3. Click the OK button to save your changes and close the dialog. The data is appended to the log files when the Collator and Summarizer jobs are next run.

Customizing Software Metering

When first installed, LANutil's Software Metering monitors the usage of all software on all Client PCs across the network. Use this feature to omit specific applications from the software metering reports, or to omit all the applications started from a specific directory. For example, if you are not interested in where Notepad is being used or how long it is being used for, Software Metering Exclusions enable you to remove all notifications of its use from your metering reports.

To prevent metering of applications started from a particular directory:

1. In the Console, select the Site, Software Metering Exclusions menu command.
2. In the Software Metering Settings dialog, check the Exclude directories from software metering box.
3. In the entry field, type the name of the directory you do not want to meter.
4. Click to add the directory to the list of exclusions.
5. Click the OK button to save your changes and close the dialog.

To prevent metering of a specific application:

1. In the Console, select the Site, Software Metering Exclusions menu command.
2. In the Software Metering Settings dialog, check the Exclude applications from software metering box.
3. In the entry field, type the name of the executable you do not want to meter.
4. Click to add the application to the list of exclusions.
5. Click the OK button to save your changes and close the dialog.

You can use the asterisk (*) character as a wildcard in directory and package names. For example:

• \WIN* omits any directories (and subdirectories) that are in the root directory of any PC and which start with the letters WIN.
• WIN* omits any directories at any level which start with the letters WIN.
• *WIN omits any directories that contain the letters WIN.
• Windows\* omits any subdirectories of any Windows directory.

Vector Networks Limited http://www.vector-networks.com info@vector-networks.com