You Know Where The Door is – Use It!.. But Do You Have To?

January 17, 2010

Yes. Something that has happened  several times before has happened again this week.

A Reseller/Solution Provider implements a Citrix/Terminal Services/VDI/Streamed Application solution for an end user client.  The end user  has since received a Software Asset Management review, and at the end of it, the client receives a big un-budgetted invoice from Software Vendor XYZ because their Citrix/Terminal Services/VDI/Streamed Application solution does not enforce a ‘Per Device’ based application access control and licensing model.  As a result, the end user client gets upset and in the case this week, the Reseller/Solution Provider was shown the door and lost the Client.

As mentioned, I have seen this many times before, and I must sound like a broken record to my reseller techies, but this scenario keeps happening and can be avoided!

Now, before you blame it all on one particular application vendor, just remember that MOST if not ALL of your typical Software Vendors have a DEVICE based model for licensing, not user based.  It’s pretty simple, if a device can potentially access the application (regardless of where the actual code executes, or, even if it executes or not) that device needs a licence.  Even if you try and block access to the application at the user level with GPO’s, SRP’s or white and black lists at a user level, this does not comply as the authorized users can still access the application from all devices and so all devices still require a licence.

For example, If I own 50 PC’s and install Application A on each PC I need to buy 50 licenses. I can’t just say I only have one user login, so I only need one license – the world doesn’t work like that.

And “network techniologies” (CTX/TS/VDI/STREAMED APPS) are no different. If I can run the application for any single one of my 400 thin clients, then either I need to buy 400 device licenses of the application, or I need a way of enforcing the number of devices that can execute it.

If you want to see this explained you can can see me white board this on the AppSense YouTube Channel here -> Whiteboarding a per device licence scenario

Now I understand not everyone sees things the same way, but my experience is the Reseller/Solution provider is often the scape goat in these scenarios when it all goes pear-shaped.  So, for the partner to protect their rear end, and be a bit proactive, some of our Aussie Solution Providers highlight this to the end user by sending a short email, not only to the IT Manager who may be running the project, but also to the CFO and CIO who sign the cheques.

This email points out that the Solutions provider is bound by their status with Software Vendor XYZ to inform the client that the solution they are looking to implement does not fulfill the licensing requirements of the Software Vendor they are wanting to use and they may be liable for additional licence fees and even financial penalties in the event of an audit.. if, they do not also include a per device application access control solution as part of their overall SBC or VDI solution.

I was having this discussion in the office this week when, Hey Presto – in jumps AppMan with his  favorite AppSense product Application Manager – he’s a jovial fellow, looking resplendent in his red outfit.  Sure he’s not the tallest guy in the office, he could do with a few visits to the gym (couldn’t we all?) and yes I agree some of his hair has left the building for greener pastures but everyone with a wife and kids has that issue :-)

However, his heart ‘s in the right place.  He wants everyone to be compliant with their software licensing, he doesn’t want to see companies paying out for licences they don’t need, and he only wants to see Trusted/Authorized Applications running on corporate architecture (more info on how AppMan and his solution Application Manager can help with per device software licensing can be found here).

In addition, there’s a side benefit – not only will AppSense Application Manager enforce a per Device licensing model, it’s also one of the most effective security products on the market.  Trusted ownership ensured only software that is installed by a Trusted Owner (typically the IT Team) it’s allowed to run. Any file installed by a user will instantly be blocked.

Effective and bullet proof, that’s AppSense Application Manager. And as I always say when the subject of security comes up, It’s not that the security team at your organisation has done a bad job, it just they don’t know what they don’t know, so how can they protect against something they do not know about, or some piece of code that has only just been written today by someone they dont know of?  On the other hand,  AppSense Application Manager will show you EVERY file users try to execute, so you do now know what is going on.

And maybe, just maybe, if we all work harder at helping our clients, we can all join a Gym, take some measures to stop our hair falling out, avoid any software licensing issues and costs.. and all live happily ever after :-)

For more information on cost reduction in your environment, please visit the cost reduction pages on the AppSense website.


Process “Hibernation” Utility

September 25, 2009

Guy Leech, a contributor on this AppSense Blog has developed a utility to pause processes, minimize the process/application window, free up the Memory while paused, and provide the option to resume process at later date.

Here is the article intro along with link to the original post (containing the download):

“Ever have the need to pause a process so that you can come back to it later – maybe something that is resource hungry, difficult to get back to the same point in if you quit it or possibly doesn’t work when away from the corporate network? Then this is the utility for you – via a simple user interface it allows you to pause and resume any of your running applications/processes.”

Read more about this cool utility with option to download it here



AppSense Technical University Training For Partners

July 22, 2009

I am excited about writing this one, the much awaited 2009 AppSense Technical University is soon upon us! It will take place in October and November!!  Following on from our previous events, there are some exciting new developments at AppSense that we would like to share with you; amongst other topics:

  • User Introduced Applications (UIA) Technology – do we need, and how do we enable, users to install applications into non-persistent VDI sessions, and have the applications (and settings and preferences) remain available in the next non persistent vdi session?!
  • AppSense Management Suite Version 8.1 Product RoadMap
  • ‘Policy & Personalization’ best practices across virtual and multi OS platform environments

Uni

 

Why attend the AppSense Technical University?

The AppSense University is a ‘free of charge’ event to our AppSense Certified Solution Partners, and is a great chance to meet up with the AppSense Technical teams, as well as your peers from within the community. As a valued member of our Certified Solutions Partner program, you are invited to this comprehensive technical update and networking event.

The 2 day event will include in-depth, hands on training designed to enable you to provide consultancy services and implement the AppSense Management Suite for prospects and customers.

Register for further information

As always, AppSense is hosting several Technical University events in locations around the globe. If you are interested in attending an AppSense Technical University, click on the country or region most relevant to you and we will keep you informed of the event details:

United States, November 2009 

United Kingdom, October 2009

Norway, November 2009

DACH Region, November 2009

BeNeLux, November 2009

Australia, October/November 2009

We look forward to seeing you there!

Best Regards,

The AppSense Technical University Team.

Website: http://www.appsense.com
Email: university@appsense.com
Telephone: +44 (0)1928 793 444


Review of AppSense Environment Manager 8 by vExpert Tom Howarth

July 8, 2009

Tom Howarth (a VCP/vExpert specializing in Thin Client & Virtualization solutions) and author of www.PlanetVM.net has published a comprehensive review of AppSense Environment Manager Version 8.0

Tom is well known and highly respected within the VMware and Citrix communities and as such, this positive review comes with high regards.  In Tom’s concluding words he describes AppSense Environment Manager as, “It is a Ronseal product – it does what it says on the tin.”

The article can be viewed at http://planetvm.net/blog/?p=122


Custom Lockdown – Removing Features Without Registry Hacking or Complex Policies & Scripts

July 4, 2009

Custom lockdown actions or disabling features within custom applications often requires a lengthy amount of time being spent hacking and modifying application registry settings. This costly, time consuming approach is often used as a work around, and many times falls short of the lockdown requirement. One other point to note is that this approach requires expert knowledge on the subject matter of application registry settings (a great resource of which can be found at www.InsideTheRegistry.com – A website run by Microsoft MVP Jon Wallace)

AppSense Environment Manager will bring benefit to locking down applications, removing specific items, features, menus, and toolbars etc.. by reducing the amount of time spent on identifying and manipulating such keys and the testing associated with such changes.  Furthermore, with Environment Manager, the lockdown policy actions and settings can be applied at a much more granular level based on an extensive set of rules and conditions, giving greater control to the organization.

AppSense Environment Manager achieves this by using a mouse driven spy tool to select the areas to be removed. Application menus, shortcuts, keyboard strokes and features can be removed within seconds and then applied at either a computer or user level. Environment Manager can lockdown any control in any application and so offers control over applications which previously required registry hacking, or even control of features which cannot be removed even with registry manipulate.

This revolutionary approach to desktop and application lockdown simplifies IT management, while also ensuring compliance to stringent security and lockdown requirements.