REDMOND, Wash., Feb. 21, 2006 – With the release of Microsoft Systems Management Server (SMS) 2003, Microsoft sought to deliver on a lofty goal: To provide enterprises a new level of automation, efficiency and insight into security vulnerabilities when deploying, updating and managing their IT systems.
IT managers took notice. A year after the release of SMS 2003, a Forrester Research survey found that Microsoft was the clear industry leader in client-systems management (CSM) products, with 41 percent of enterprise-scale businesses and 30 percent of small and medium-sized businesses choosing SMS. The next-closest products had less than half as large a share of the market, according to a Dec. 31, 2004 Forrester report, titled “The CSM Vendor Landscape.” In a more recent survey conducted by Forrester Research, Microsoft was the top choice among 43 percent of North American enterprises that selected a preferred client-management vendor, according to the analyst firm’s October 2005 “The State of IT Infrastructure Adoption” report.
Microsoft has extended its commitment to its enterprise management customers by today releasing a public beta of updates that significantly expands SMS 2003’s tools and capabilities. The new SMS 2003 R2 helps businesses install and manage software updates for third-party and line-of-business (LOB) applications via SMS in the same format used by SMS, rather than the numerous different formats and mechanism used by other vendors. In addition, IT administrators can now rely on SMS 2003 to check for configuration errors and security vulnerabilities on their system’s desktops and servers.
PressPass talked to Felicity McGourty, director of product management in Microsoft’s Windows Enterprise Management Division, to discuss the SMS 2003 R2 enhancements, as well as the latest SMS 2003 service pack and ongoing plans for continued expansion of Microsoft’s System Center family of products. PressPass also chatted with Garry Olah, a senior director for Citrix, a third-party software vendor that will be taking advantage of some of the new SMS 2003 R2 capabilities, and Chris Blasen, manager of the Enterprise Client Management Group at the University of Iowa, which has upgraded from SMS 2.0 to SMS 2003 to manage updates across its campus-wide network.
PressPass: What are you announcing today?
McGourty: We are releasing a public beta of SMS 2003 R2. This second release of the core SMS 2003 product provides our enterprise customers new tools designed to significantly reduce the time and resources they invest updating third-party and in-house applications, as well as easily identify system configuration errors that might lead to security risks. The release to manufacturing (RTM) of SMS 2003 R2 is slated to follow this beta, in the next several months.
Also today, we are announcing the availability of Service Pack (SP) 2 for SMS 2003, which includes additional enhancements along with bug fixes.
PressPass: What is included in SMS 2003 R2?
Felicity McGourty, Director of Product Management, Windows Enterprise Management Division
McGourty: The focus for this release is reducing costs associated with maintaining IT systems. Two important new tools in SMS 2003 R2 are designed to do just this, eliminating many of the time-consuming tasks associated with updating software and identifying common security-configuration errors.
This R2 release includes the new Inventory Tool for Custom Updates (ITCU), which allows businesses to automate deployment of updates for third-party and line-of-business (LOB) applications with SMS 2003. This release also includes the Enterprise Scan Tool for Vulnerability Assessment, which checks desktops and servers for numerous software configuration errors and other security vulnerabilities.
PressPass: What is included in the service pack?
McGourty: This service pack introduces enhanced virtualization support and enables Microsoft SQL Server 2005 to serve as the backend database engine for SMS. It also allows IT managers to use fully qualified domain names (FQDM). This eliminates SMS’s dependency on NetBios and WINS and improves performance for software inventory processing.
As is normal for service packs, SMS 2003 SP2 also contains a roll-up of bug fixes. There are only about a dozen fixes to remedy bugs reported by customers and partners in recent months. We are very pleased with the quality of the SMS 2003 code.
PressPass: How will the Inventory Tool for Custom Updates help customers?
McGourty: For many administrators, staying current with security patches and updates is no longer an option; it’s a requirement. Managing patches for every single machine, whether a desktop or a server, and for all applications residing on each system can be a time consuming task.
Today, SMS 2003 helps IT administrators manage updates to all Microsoft Windows-based applications and other Microsoft applications such as Microsoft Office. However, it has been much more challenging and time consuming to update other vendors’ applications. IT managers have had to manually search for updates on various different vendors’ Web sites, and then download and re-package the updates into a standard format before they could distribute and deploy them with SMS.
Now, if independent software vendors use ITCU to create a catalog containing the definitions for their application updates, customers can download updates from the vendor’s Web site in the same format and in the same way they download Microsoft patches. They then can deploy these updates using SMS. SMS’ administration console now contains an option to point to any site that contains such a catalog and import it directly into SMS.
PressPass: Can you quantify the potential time savings associated with unified updates?
McGourty: Without a unified format, it can take a few hours to manually process each update. The enormity of this challenge becomes clear when you consider that the typical IT environment has dozens – even hundreds – of different applications. And many must be updated on a regular basis.
Christopher Blasen: This new feature is going to be very well received. I know we are looking forward to it. It takes two IT administrators four or five hours a week to investigate and install the 35 or so third-party applications that we maintain.
Unfortunately, we don’t do near as good a job as we should because it is so time-consuming to install third-party patches and updates. Even tracking them down requires extra time, scouring product Web sites and subscribing to and reviewing mail groups. We get busy, and resources are tight. Out of sight leads to out of mind – until something goes wrong.
PressPass: How does the inventory tool work?
McGourty: The Inventory Tool for Custom Updates (ITCU) includes a publishing tool, which both independent software vendors and enterprises can use to create software-update catalogs.
Once the catalog has been created, an IT administrator can simply go to the software update wizard/screen within SMS 2003 and point to the catalog created for the third-party or custom application. The information is imported directly into the SMS console – just as with Microsoft updates – without any manual re-packaging.
The other component of ITCU is a new scanning tool that evaluates desktops and servers to determine whether they have the software updates required to comply with the business’ update requirements and policies.
PressPass: What has been the reaction to the ITCU technology among independent software vendors?
McGourty: A number of key vendors have already agreed to implement ITCU, and many more are investigating this new technology. We expect interest to continue growing as businesses ask third-party vendors for the convenience ITCU enables.
Garry Olah: There is a lot of value in ITCU for both Citrix and our joint customers. We plan to utilize ITCU in Citrix Presentation Server, an application-virtualization technology that uses a centralized and secure architecture to centrally deploy and manage LOB applications while providing secure, on-demand access to these resources for users anywhere.
Microsoft is building a platform to the large and robust SMS customer base, enabling Citrix to provide much simpler and faster patching and updating to our joint customers. As a result, we don’t have to spend a lot of money and time building a proprietary solution for sending updates. MS 2003 R2 makes our lives easier.
PressPass: Do you expect Citrix’s enterprise customers to also embrace the ITCU technology?
Olah: Our customers are much happier to have a single solution for getting updates from both Microsoft and Citrix. They can spend less time managing multiple systems and processes. It’s a real win-win situation.
McGourty: Businesses don’t want to have to search multiple Web sites each month for updates, then download, package and distribute them throughout their IT systems. They want to obtain the relevant updates in a consistent format, and use a single tool, format and update paradigm for all of their updates.
We are actively encouraging all software vendors to take advantage of this platform to benefit our mutual customers
PressPass: In addition to utilizing the ITCU tool in Citrix Presentation Server, how is Citrix working with Microsoft to make software updates easier for your mutual customers?
Olah: We are working very closely with Microsoft on many levels. We are working on integration with SMS 2003 by advising best practices for SMS 2003 customers for application distribution. We are also working on future integration with SMS 2003 R2 by building in their ITCU tool.
Further, we are developing new technologies such as Project Tarpon, an application-isolation and -streaming solution, to make it much easier for businesses to roll out new applications and keep them up-to-date. Project Tarpon complements SMS 2003’s improved updating capabilities by allowing customers to run applications in an isolated environment that prevents conflicts with other applications. SMS 2003 will enable customers to pre-deploy Tarpon application packages, speeding delivery over complex networks and to branch offices.
PressPass: Can you tell us more about the Scan Tool for Vulnerability Assessment? What benefits will this provide to customers?
McGouty: This tool is designed to allow IT administrators to scan their infrastructure to identify configuration settings that can increase the security vulnerability of their systems. The vulnerabilities that the tool checks for include passwords that are too easy to crack or that haven’t been changed frequently enough and systems that don’t have their firewall turned on.
Organizations can use this tool to identify systems that don’t meet their internal security and configuration policies and requirements. The SMS administrator is notified of all non-compliance situations, and then can use SMS to remedy these situations.
This tool is designed to really save time and effort. Not only does it check for the 100 most common settings that lead to potential vulnerabilities, it allows the administrator to pro-actively discover changes without accessing individual systems or manually reviewing these setting.
PressPass: Why should enterprises test the beta of SMS 2003 R2?
McGourty: We strongly recommend that customers download and evaluate the SMS 2003 R2 beta. By testing now, customers will get a hands-on demonstration of this release’s added functionality and its applicability to their environments. They’ll also have time to plan for their upgrade once SMS 2003 R2 becomes generally available.
This release also increases the reasons for enterprises that are still using SMS 2.0 Standard Edition to begin planning for an immediate upgrade to SMS 2003. By upgrading now, they’ll realize the benefits of SMS 2003 and the new features in R2. They also will avoid any additional costs associated with the end of mainstream support for SMS 2.0, on March 31. Beyond this date, SMS 2.0 will enter the extended phase of its product lifecycle, and customers will need to pay for any non-security related hotfix support.
To ease the transition from SMS 2.0 to SMS 2003, we are offering a 30-percent discount starting in April on all SMS Server licenses and SMS Configuration Management Licenses (CMLs) obtained with Software Assurance. This promotion will be available worldwide through Microsoft’s Volume Licensing programs.
PressPass: What benefits should customers expect to realize when they upgrade from SMS 2.0?
Blasen: We upgraded to SMS 2003 at the University of Iowa about two years ago, and I don’t know how we lived without central desktop management tools prior to implementation. Being able to use Active Directory when distributing patches and updates is a huge benefit, especially when you have more than 4,000 PCs to maintain. We’re also thrilled with how we can use SMS 2003’s onscreen dashboard to create and distribute Web reports. If we had to go back to SMS 2.0, we’d have to more than double our five-member staff.
There was a great example last month of how SMS 2003 has simplified our lives. Microsoft distributed a patch outside of its usual cycle of monthly updates. Within an hour after we’d received it, we had it built and ready to be deployed. Within three hours, we had it installed on more than 4,000 PCs. If we had to do that by hand and coordinate it with the university’s 20 different desktop administrators, it would have taken us weeks.
PressPass: What kind of return on investment (ROI) should businesses anticipate if they upgrade from SMS 2.0 to SMS 2003?
McGourty: Forrester found that companies can realize a significant financial benefit and ROI by upgrading from SMS 2.0 to SMS 2003. We commissioned a report in 2004, but the findings are just as relevant today. Based on a composite of the companies surveyed, Forrester found that ROI is 123 percent, with a breakeven point at about 11 months after deployment. In many cases, companies using the latest Windows operating systems and had relatively new and stable hardware platforms experienced higher ROI by taking advantage of the newer technologies and capabilities.
Over a three-year period, the businesses that Forrester interviewed reduced the time and other resources spent on patch management for servers by 10 percent and 14 percent on mobile clients. Distribution failures decreased by 9 percent on desktops, while the resources required to deploy applications went down an average of 4 percent on servers and 26 percent on mobile clients. Help desk efficiency increased 25 percent.
Blasen: In education, we don’t track ROI as religiously as most businesses do. But since we upgraded to SMS 2003, we have reduced by about 60 percent the amount of time we must spend running around doing hands-on management of the university’s 4,300 PCs.
Our technology staff has been liberated from doing mundane day-to-day tasks, and now is able to focus on more exciting, useful projects that our academic departments can leverage to make the workspace a better, more efficient place. We never had time to tackle these projects before. It feels like we’ve had a monkey taken off of our backs.
PressPass: Apart from the cost savings and additional functionality offered by SMS 2003, why is upgrading so important?
McGourty: In a word, security. When we released SMS 2.0 in 1999, exploitations, worms and hacking were not as prevalent or as destructive as they are today. Also, more businesses are relying on the Windows platform for business applications. This has increased the number of systems that need to be protected and managed.
Now, IT managers need to update their multiple distributed systems much more frequently and rapidly. They need tools that can adapt to the ever-evolving methods used by today’s online criminals. That’s the world SMS 2003 was built for – and that SMS 2003 R2 further addresses.
PressPass: How important a role will SMS 2003 play in the deployment of Microsoft Windows Vista?
McGourty: Helping customers deploy Windows Vista on their enterprise desktops as smoothly as possible is a high priority for us. One way we will help ease this transition is with an operation system deployment (OSD) feature pack update for SMS 2003, which will be available in conjunction with the release of Windows Vista beta 2.
PressPass: Should businesses look for continued enhancements to SMS and other related products?
McGourty: Definitely. We are planning significant enhancements to the next version of SMS, which we are aiming to release in the same timeframe as Windows Longhorn Server. Customers can expect additional security enhancements, improvements in the user interface and increased functionality and other capabilities.
We will announce more about the SMS roadmap at the Microsoft Management Summit in April, where we will explain how SMS will continue to evolve to meet customer needs in this space.