Template for Section Two and Three of SDD



A Feature-Based Analysis & Comparison of IT Automation Tools:

Comparing Kaseya to Kace

Developed by:

David Wong

Robin Nadal

Advisor:

Dr. S. Masoud Sadjadi

School of Computing and Information Sciences

Florida International University

Contact Information: sadjadi@cs.fiu.edu,

More information:

4/17/2010

1.

Overview: Unlike other IT-management tools KACE makes efficient system management available by providing an appliance based architecture. KBOX physical features are very similar to a server, the user just have to connect it to the network, give it an IP address and is ready to start managing all the systems in the network. KACE offers two versions of its KBOX system, KBOX1000 and KBOX2000. The main difference between them is that K1000 is an agent based system and K2000 uses a network based system to manage machines.

Background: Founders Marty Kacin and Rob Meinhardt founded Kace in 2003 with self funds and capital from Sigma Partners, Norwest Venture Partners, and Focus Ventures. In 2007 KACE expanded by acquiring , Computers in Motion the next year and just recently Dell bought Kace in February 2010. Through KACE history the company has focus on appliance base management systems. KBOX systems has many integrated technologies from major partners like Bomgar, Mac, Microsoft, Citrux, Red Hat and many more. Kace offers a variety of options when it comes to educating customers, like white papers, webminars and most importantly a free virtual version of KBOX. Kace has a user base that includes government agencies and enterprise organizations from all round the world.

Kace contact information

1-877-MGMT-DONE

support@

KACE Headquarters

1616 North Shoreline Blvd.

Mountain View, California 94043

Office: (650) 316-1050

FAX: (650) 649-1806

OS Coverage:

Kace offers support for a wide variety of operating systems including Windows, Mac and Linux.

Grouping Managed Devices:

Grouping machines is one of the most important tasks for a system administrator which is why KBOX allow administrators to group machines dynamically. Dynamic grouping allows for monitoring, patch management, software distribution and configuration to be more efficient by grouping computers as targets using criteria such as hardware, software, network location, department and organization. For example you can set a criteria such that if a machine has a certain percent of its hard drive full to be dynamically added to a group that meets that condition.

1.1 Architecture

[pic]

KBOX architecture is divided in four layers to better provide functionality between the hardware, software, OS and agent environments. Each layer is design to take advantage of other layer’s features resulting in better use of resources and achieving better performance.

Application Services Layer

[pic]

The application service layer is the interface between the user and the system, and is done through a web-based console. This console offers great flexibility for administrators by allowing access from any location with an internet connection, It's infrastructure consist of a very easy to use tabbed base interface that provides access to all the features and functionality.

Management Services

[pic]

In the management service layer the appliance based architecture automates many time costing tasks like patch management, logging, security logging, recovery and backup. It also monitors and conducts maintenance on hardware, storage and security components. One of the most useful features of the management layer is its self tuning procedures features and software upgrade system that allow easy upgrade of your whole system with the click of one button.

Platform Layer

[pic]

The platform layer consist of the hardware features of the KBOX, which includes multiple core processors with a pair of gigabit ports and a build in RAID system. It also offers the administrator a range of open source components that allow for a greater choice management software and optimization options.

The Distributed Management Layer

Delivering High Scalability and Performance

[pic]

• Agent vs. Agent less deployment

K1000

K1000 uses an agent based architecture in order to deploy the system and all of its features. The way this work is that an agent containing all of K1000 features will be install on the system and then it will have constant communication with the KBOX. Before you can install the agents, identification of all available systems is done through a process call agent less scanning. Another alternative to install agents in a system is to download them directly from K1000 user portal and login scripts. Managing the latest version of the agent can be done easily trough an auto-upgrade feature.

K2000

K2000 deployment appliance works using an agent less architecture without the need to keep track of agent packages. All deployments are done trough a centralized K2000 library and PXE (Pre boot Execution Environment) standards on all LAN connected machine. Once the PXE systems boots the DHCP server directs them to network boot from the K2000 appliance instead of the hard drive. You can also add machines by manually entering their MAC address in the system. Agent less deployment can further increase productivity and cost by cutting down time and effort you would use in agent deployment, maintenance and updates.

1.2 Auditing & Asset management

KBOX uses a configuration management database to track computer and non computer assets like phones and other gear. Using the web interface you create assign and modify assets. Once an asset is created it is automatically integrated with KBOX functions like main inventory and help desk. Once an asset is rationalized the administrator can organize and associate the specific asset by vendor, contract, service and maintenance contracts.

• Adding and modifying assets

o Adding an asset in K1000 is as easy as going to the web management interface and clicking an add button. Asset types can be linked together and support a comprehensive list of fields.

• Managing Assets

o Asset management is done through various functions like main inventory, help desk and report functionality.

• Software license compliance

o K1000 offers an inventory process which keeps track of installed software in different systems. To better organized and keep track of software licenses an administrator can place similar software in asset groups and track associated licensees against the number of installations. Managing software agreements issues like upgrades and volume purchases are not a hassle because KBOX keeps track of licenses that are install automatically.

• Software metering

o Through software metering KBOX provides a function to let administrators know what software is being used against installed software. This functionality makes managing software an efficient and productive task by giving the administrator a view of licenses that can be reassigned to other users or retired. This feature can significantly reduce the use based licensing cost in an organization. Some of the data collected from this feature includes

The amount of time use by the application, last used date and number of times the application has been launched. This feature also provides the option to set alerts on expiration software.

• Asset History

o For better management control and accountability KBOX asset management features provide a full audit of software and hardware changes on systems.

• Importing Assets

o With K1000 asset information and be migrated from other systems like databases and spreadsheets using an asset import wizard.

• Reporting

o K1000 contains pre-packaged reports and a report wizard that make it simple to document asset management.

1.3 Remote Control

K1000 comes with a remote control functionality that allows direct access, and file sharing on systems on the network. Remote control can be configured to use UltraVNC which is bundle with K1000. Apart from the integrated remote control tool, K1000 also support integration with third party tools like NetOps, DreamWare, and Bomgar.

1.4 Automation

The K1000 comes with a wide range of tools for automating and enforcing many tasks. Unlike other IT automation tools in the market K1000 is very flexible when it comes to scripting, by providing users an easy to use configuration policy that provides scripts for Windows, Mac and Linux. Each created script can be configured to one or many machines and groups. It also creates reports on for script status and alerts. Once a script is created it can be configure to be run only once or regularly.

Some of the tools provided by K1000 to ease the process of creating scripts include:

• Kscripts wizard:

o The Kscript wizard is a point and click interface that guide administrators to the steps of creating a script without the need to have a lot of programming experience.

• 3rd part support

o Using the K1000 user interface administrators have the option to distribute and manage third party scripts using different languages like VB and PERL

1.5 Monitoring

K1000 provide users the ability to monitor all aspects K1000 functionalities, from a machines hard drive to the expiration of a license. K1000 comes with a wizard reporting tool that lets you create or automate reports on aspects of your systems you want to monitor and give you the option to email these reports to the desired person, K1000 also let administrators use any third party ODBC compliant reporting tool. Apart from reports there are graphical reports that deliver up to the moment stratus of security, license compliance, clients and OSs.

[pic]

1.6 Patch Management

K1000 patch management solution is powered by Lumension, a third party patch management solution. The patch repositories support patches for Windows and Mac as well for a wide range of popular software like Adobe. Patch management scheduling can be applied to groups or individual machines regularly at different times. Patches can be filter by criteria using search capabilities and views given the flexibility to the administrators to have total control of the different patches he wants to apply. For patch monitoring K1000 comes with pre package reports or a custom report creating wizard that allow administrators to see the status of the patches or if they have rolled out successfully.

1.7 Backup & Disaster Recovery

K1000 doesn’t offer an integrated backup and recovery solution but the new version K2000 does. K2000 comes with fail over and backup recovery that uses RAID configuration that provide hardware redundancy in case of catastrophe. It also gives users the ability to provide regular backups of the system state and configuration of their K2000 in case of data failure or loss. In addition K2000 provide an option to synchronize software assets with other K2000 boxes in other places which allows disaster recovery aid in different physical locations.

1.8 Endpoint Security

Security features in K1000 is integrated with all functionalities of the system, from patch management to computer inventory and all the systems administer by the KBox. For security K1000 offers a security and audit enforcement feature that helps identify security risks across all machines. Once vulnerability is detected it eliminates it, if by any reason the security vulnerability can’t be remove the infected machine will be quarantine from the network. Setting up a security policy and enforcing is done through security configuration policy enforcement feature that provide a number of pre built policies with a simple drop down options interface which include:

-Enforcing windows firewall settings.

-Enforcing IE security settings.

-Enforcing anti-virus settings.

-Stop execution of specific programs

-Quarantine policies for compromised devises

One of the security features KBOX offers is OVAL based security, OVAL is the information community standard endorsed by US Computer Emergency Readiness Team and the department of Homeland Security. With K1000 the user has an option to schedule regular OVAL vulnerability scans. Each scan is checked against a list of known vulnerabilities and is given a grade of pass or fail.

1.9 User State Management

User state management is not part of K1000 but it is included in Dell KACE K2000. It allows deploying settings and user particular files along with applications and an operating system which ensures that no critical information is lost during transferring to a new computer or upgrading a computer and guarantees that when users turn on the new computers for the first time the desired information from the old computers will be already on the new ones. The K2000 centralized deployment library is used to store all user states that are captured, which eases administration since administrators have access to those states whenever they want and do not have to use external hard drives or other means of removable media to obtain and load settings and files from the users. K2000 offers a very easy way to capture and load user states; this is accomplished with a simple click of a button, thus complicated methods such as command line syntax are eliminated. K2000 provides a very easy to use interface to accomplish user state management. User states are deployed with an image or network OS install, and then K2000 transfers them with the deployment package. User states are automatically loaded thanks to the K2000 boot feature which ensures that user states are already present the next time a computer boots up. User state management provided by KACE 2000 helps organizations decrease the price related to deployment because end user downtime is reduced.

1.10 Help Desk

KACE offers a built in help desk functionality for enhanced user support. This functionality is known as K1000 help desk and offers a very easy to use, broad help desk ability based option to habitual help desk tools. Using KACE’s help desk provides many benefits such as less manual work involved while fixing problems, automation of ticket management, and providing great quality service levels. K1000 also has a feature used to provide support to the K1000 asset management and main K1000 database by using ITIL based event administration processes. All functionality that K1000 provides is accessible from an exclusive UI, and all of its data is pre-integrated. K1000 uses a central configuration management database, CMDB, which allows service desk employees to have access to delicate information found on each module, such as patch management, computer inventory, asset management, etc. Another feature is that all impacts and activities can be tracked, guaranteeing that auditing and service levels are checked for fulfillment. K1000 provides a reliable way to support its users, the users ask for support via email or a self service portal where they put their requests. The portal has a knowledge base from which users can choose and view the categories of their requests, such as software, hardware, etc. Providing support to the users is very important to KACE, therefore a satisfaction survey is also included in K1000 help desk. K1000 help desk also allows organizations to customize their help desk as they wish according to their requirements, for example: fields, defaults, e-mail notifications. Each and every aspect can be customized.

K1000 furthermore allows the establishment of rules and support queues to manage the flow of tickets. Tickets are entirely customizable, among other options such as sort able and searchable, and are automated on hierarchical groups. If tickets are not punctually addressed then e-mail alerts are generated as part of the escalation notifications. Moreover, tickets can be grouped with parent child relationships which add structure to associated functions and also automates the process of closing dependent tickets.

1.11 Reporting

The K1000 uses wizard based tools to accomplish reporting and is used to track the performance of service desk and respond to business needs. These wizard based tools easily create common and ad-hoc reports. The features that K1000 reporting provides are:

• Reports are created by the use of wizard based interfaces.

• Reports can be e-mailed and scheduled which benefit administration.

• Graphical reports and dashboards are available and offer a better look at important management metrics.

• More than 50 pre configured reports are included.

• 3rd party compliant reporting tools are supported.

• Different types of output, including HTML, PDF, and CSV.

1.12 System

Every organization has a database and is supported by this, this database contain user roles, passwords and permissions which guarantees that only approved administrators can access desired machines. Administrators also can classify administration domains according to the chosen scale of device control and under this module names, roles, descriptions, date of creation are assigned to organizations. Additionally, the settings found on K1000 offer the option of being controlled at an organizational point which allows arranging task achievement on desired organizations. In addition many organizations can be set up along with LDAP and machine filters to divide set of devices.

1.13 Usability

The KACE 1000 provides a high level of usability. It is very easy to use which reduces training time, offers fast deployment and allows experienced and inexperienced technicians to administer the K1000. What’s more, the KACE K1000 gives administrator an integrated view, in which all IT management tasks area available, such as help desk, reporting, inventory, etc. This integrated view eases administration and reduces costs. Thanks to its familiar appearance and feel in its applications users learn quickly to use KACE K1000, thus it reduces the learning curve for everyone. Further, KACE K1000’s applications access the database which reduces the clicks and time necessitated to obtain information and complete functions. KACE 1000 definitely has an elevated degree of usability that permits users to finish their work rapidly and easily thanks to its easy to use interface and functionality. KACE K1000 only needs to be connected to a network using an Ethernet cable and instantaneously begins working; it does not get any easier than that.

1.14 Reliability

The KACE 1000 has an exceptional degree of reliability; it is a complete solution that provides a profound integration of messaging, hardware, distributed processing, and application functionality that allows the appliance based architectures to provide reliability to the highest level. The architecture enables maintenance, distributed automation and deployment of the solution guaranteeing reliable management operations. KACE 1000 uses the Agent Messaging Protocol (AMP) which establishes a reliable and efficient connection between an agent and the K 1000 appliance which is very important in order to execute functions, notifications, and provide efficient alerts in near real time. AMP also employs Internet protocols such as TCP/IP sockets and HTTP that guarantee reliable communication between any network topology and the K 1000. Moreover, K1000 increases reliability by reducing administrative overhead, K1000 automates its security updates and own application.

1.15 Performance

The K1000 gets rid of the complexity and delivers high performance accomplishing IT operational tasks. Each layer works entirely with the purpose built in services of the adjacent layers, which maximizes performance. K1000 also uses very little client CPU phases and memory which permits to inventory and scan all clients frequently without affecting client performance. Since K1000 offers agent and agentless support it gives flexible and complete management of network assets, thus the performance obtained is excellent. Moreover, the K1000 performs greatly in scalability, for example one K1000 can scale from 100 to 10000 managed nodes efficiently, including both locally and remotely deployed nodes. This is accomplishing thanks to the AMP protocol used by the K1000. In addition, the K1000 ensures an outstanding performance by being self tuning, which reduces network utilization spikes. Another aspect that allows K1000 to provide a great performance is its hardware: dual gigabit Ethernet ports, 1U rack mountable server which has dual quad core processors and hard disks which are in a RAID configuration. Furthermore, K1000 uses MySQL for reporting and application data compilation which guarantees great performance in application services and management. Additionally, K1000 offers automated maintenance night by night on its hardware, security components and storage, which means administrators do not have perform this task manually. The results of the maintenance are sent to administrators in an e-mail. This guarantees high performance and decreases administrative costs. With K1000 complete management of all network devices is accomplished, thus it provides excellent performance.

1.16 Supportability

K1000 supports both agent and agentless management in order to provide depth in management control and expansive visibility of all systems on a network. The K1000 agents support MAC, Windows, and Red Hat Linux systems. This is a great advantage since administrators have a complete view of all systems on a network despite the operating system. The K1000 architecture supports various agent requests at the same time, which allows K1000 to perform actions on the agents. K1000 also supports Microsoft BITS which is used for restarting and throttling file downloads if the links are slow. Moreover, K1000 supports technologies from the open source community ensuring the extra advantage of continuous evolution. What is more, reverse proxy is supported by K1000 allowing to put the K1000 behind its firewall and in an organization’s DMZ. DMZ is used to manage remote users that are not connected to the corporate network.

2. Comparison and Discussion

2.1 Evaluating and Discussing Kace Kbox1000

|1 |Architecture |4 layers that provide functionality between the hardware, software, OS and |

| |Rating: 5 |agent environments. These layers take advantage of other layer’s features |

| | |resulting in better performance. |

|2 |Audit & Asset Mgt |Allows adding and modifying assets, managing assets, software license |

| |Rating: 4 |compliance, asset history, importing asset, and reporting. |

| | | |

| | | |

|3 |Remote Control |Allows direct access, and file sharing on systems on the network, and also |

| |Rating: 5 |support integration with third party tools like NetOps, DreamWare, and |

| | |Bomgar. |

|4 |Automation |Comes with a wide range of tools for automating and enforcing many tasks. |

| |Rating: 4 |Also provides users an easy to use configuration policy that provides |

| | |scripts for Windows, Mac and Linux. |

|5 |Monitoring |Provides users with the ability to monitor all aspects in K1000’s |

| |Rating: 4 |functionalities, from a machines hard drive to the expiration of a license.|

| | |K1000 also has a wizard reporting tool that lets you create or automate |

| | |reports on aspects of your systems. |

|6 |Patch Mgt |Scheduling can be applied to groups or individual machines regularly at |

| |Rating: 5 |different times. K1000 comes with pre package reports or a custom report |

| | |creating wizard that allow administrators to see the status of the patches |

| | |or if they have rolled out successfully. |

|7 |Backup & Disaster Recovery |K2000 comes with fail over and backup recovery that uses RAID configuration|

| |Rating: 4 |that provide hardware redundancy in case of catastrophe. It also gives |

| | |users the ability to provide regular backups of the system state. |

|8 |Endpoint Security |Offers a security and audit enforcement feature that helps identify |

| |Rating: 4 |security risks across all machines. Also offers OVAL based security, which |

| | |is the information community standard endorsed by US Computer Emergency |

| | |Readiness Team and the department of Homeland Security. |

|9 |User State Mgt |Centralized deployment library is used to store all user states that are |

| |Rating: 4 |captured, which eases administration since administrators have access to |

| | |those states whenever they want. User states are automatically loaded |

| | |thanks to the K2000 boot feature which ensures that user states are already|

| | |present the next time a computer boots up. |

|10 |HelpDesk |Many benefits such as less manual work involved while fixing problems, |

| |Rating: 5 |automation of ticket management, and providing great quality service |

| | |levels. |

|11 |Reporting |Uses wizard based tools to accomplish reporting and is used to track the |

| |Rating: 5 |performance of service desk and respond to business needs. These wizard |

| | |based tools easily create common and ad-hoc reports. |

|12 |System |Organizations can be set up along with LDAP and machine filters to divide |

| |Rating: 4 |set of devices. Under this module names, roles, descriptions, date of |

| | |creation are assigned to organizations. |

|13 |Usability |Very easy to use which reduces training time, offers fast deployment and |

| |Rating: 5 |allows experienced and inexperienced technicians to administer the K1000. |

|14 |Reliability |K1000 increases reliability by reducing administrative overhead, K1000 |

| |Rating: 4 |automates its security updates and own application. |

|15 |Performance |Each layer works entirely with the purpose built in services of the |

| |Rating: 5 |adjacent layers, which maximizes performance. |

|16 |Supportability |Supports both agent and agentless management in order to provide depth in |

| |Rating: 5 |management control and expansive visibility of all systems on a network. |

| | |The K1000 agents support MAC, Windows, and Red Hat Linux systems. |

2.2 Rating Results Explanation/Discussion:

Individual Solution Comparison Rating System Table

| | |Kaseya |Kbox |

|1 |Architecture |3 |5 |

|2 |Audit & Asset Mgt |4 |4 |

|3 |Remote Control |4 |3 |

|4 |Automation |4 |4 |

|5 |Monitoring |3 |5 |

|6 |Patch Mgt |3 |5 |

|7 |Backup & Disaster Recovery |4 |5 |

|8 |Endpoint Security |4 |4 |

|9 |User State Mgt |3 |4 |

|10 |HelpDesk |4 |4 |

|11 |Reporting |3 |5 |

|12 |System |4 |4 |

|13 |Usability |4 |4 |

|14 |Reliability |3 |5 |

|15 |Performance |3 |5 |

|16 |Supportability |4 |4 |

| |Total | | |

Overall KBOX and kaseya are par on par when it comes to many features but Kbox offer better support and flexibility when it comes to OS support, architecture, grouping and usability. Overall support cost is cheaper for Kbox especially since you don't have to buy a supporting server system.

4. References

All reference for this research was taken from

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download