One way to simplify remote management is to consolidate the number of individual point products at the branch into “all-in-one” or “branch-in-a-box” products. Their prime advantage is consolidation of remote management functions. Find out what other branch office technology choices are available to wide area network (WAN) managers in Chapter 2 of the e-book Simplifying Branch Office Management. Continue reading about the best remote management technology for WAN managers in Chapter 2 below, or skip to other chapters in the e-book using the table of contents below:
Table of contents
Chapter 1: Branch IT management: Defining remote office structure
Chapter 2: The best remote management technology for WAN managers
Chapter 3: Mapping WAN technology to branch office network tiers
Based on typical salaries, organizations spend $9,600
to $48,000 a year per IT person to troubleshoot problems at remote offices.
Ted Ritter, Nemertes Research Senior Analyst
Evaluating technology choices requires significant thought not just on finding the right technology to meet the SLA but on finding technology that supports proactive remote management. IT and networking staffs typically spend 10% to 50% of their time troubleshooting remote branch office IT problems. Not surprisingly, companies that are more distributed or those that are larger tend to fall in the 30% to 50% range; smaller companies are in the 10% to 30% range. Based on typical salaries, organizations spend $9,600 to $48,000 a year per IT person to troubleshoot problems at remote offices.
We estimate that between 40% and 70% of the problems at remote offices could be resolved through deployment of technology to optimize application performance at the branch, while minimizing central IT management cost. To do this, it is best to focus on two major components of the branch IT infrastructure: desktop/application delivery and remote management touch-points. The former characterizes movements to centralize the desktop in the data center while optimizing delivery of applications on-demand from the data center. The latter involves increasing remote management control while simultaneously decreasing the number of remote management touch-points.
Application and desktop delivery technology for remote management
Supporting remote desktops is a huge waste of time for IT. Despite sophisticated remote troubleshooting tools, there are always desktop and application problems that cannot be solved remotely. The worst case requires rebuilding the desktop, either onsite via an internal computer swap program or through a truck roll. One way organizations eliminate remote desktop rebuilds is by bringing desktops into the data center via desktop virtualization.
Interest in server-based desktop virtualization is growing. Half of enterprises expect to use some virtual desktops before 2011. Desktop virtualization is the abstraction of a desktop workload (operating system and applications) from desktop hardware. A number of vendors offer server-based desktop virtualization solutions or “virtual desktop infrastructure” (VDI), including Citrix, Microsoft, Oracle/Sun, RedHat, and VMware. The user at the branch has a desktop client that can be a computer or a terminal-like thin client. Essentially, processing occurs in the data center, and all data lives there; only the keyboard, mouse, monitor and peripherals extend out to the branch.
Before moving to desktop virtualization, the branch IT manager must pay attention to the reliability, stability and security of the network.
Ted Ritter, Nemertes Research Senior Analyst
All management and maintenance of desktops occurs in the data center. So, in the event a rebuild is necessary, all work is done centrally and a rebuild may be done as quickly as it takes the remote user to log off and log back on to get a clean copy of the saved desktop image or a freshly generated desktop image, depending on the desktop virtualization approach.
With desktop virtualization, the network becomes critical to desktop functions: No network means no data and no desktop. Therefore, before moving to desktop virtualization, the branch IT manager must pay attention to the reliability, stability and security of the network.
Using WAN optimization for better remote management
IT sometimes tries to guarantee performance by over-provisioning bandwidth, which is expensive and ultimately does not always work; many performance problems are not bandwidth related. Organizations turn to WAN optimization to keep bandwidth costs down while guaranteeing application and desktop performance.
WAN optimization adoption borders on ubiquity, with 72.7% of organizations deploying it, up from less than 50% five years ago. There are four types of WAN optimization defined by position in the network: symmetric, asymmetric, carrier-cloud, and overlay. Currently, most enterprises focus on symmetric and asymmetric optimization, though carrier-cloud and overlay are on the rise.
Symmetric optimization, the most common kind, requires an optimizer at both ends of a connection. The endpoints can be dedicated appliances, from companies such as BlueCoat, Cisco and Riverbed; or embedded functions in a multi-function device from Expand or others; or a soft client running on a user's computer from a company like BlueCoat. Asymmetric optimization requires optimization at only one end. Citrix NetScaler and Crescendo AppBeat systems are asymmetric optimizers.
Symmetric optimization does the most to compress data and is essential where bandwidth limitations are the primary concern. Asymmetric optimization is good for accelerating Web applications. Various optimization techniques, including compression, acceleration, caching and latency reduction, help companies see anywhere from a threefold to tenfold increase in performance using their existing bandwidth. Some IT executives say they are implementing optimization technology selectively. For example, a global financial-services company is adding optimization only in areas with expensive bandwidth, such as Japan. Others are basing their implementations on specific requirements. “We’re doing WAN optimization in campus environments and looking at wide area file services (WAFS) and wide-area storage for disaster recovery,” said the VP of strategic planning for a defense contractor.
Remote management touch-points
One way to simplify remote branch management is to consolidate the number of individual point products at the branch into “all-in-one” or “branch-in-a-box” products. Their prime advantage is consolidation of remote management functions. With one remote user interface, centralized IT can manage what previously required three or more independent sessions and tools. This reduces mean time to repair (MTTR) as well as training costs for branch IT support staff.
About 17% of companies use all-in-one devices, and another 31% are evaluating them. We project increased adoption. All-in-one vendors include Cisco, Fortinet, Juniper and Vyatta. These products usually combine routing and LAN switching with any number of other functions, such as Wi-Fi, IP telephony, security (IDS/IPS, VPN, firewall), optimization, WAFS, DNS, DHCP, and file/print sharing.
No single device can perform all of these functions well. So we see two clusters of function emerging. One kind of device consolidates packet-delivery functions, such as switching, routing, Wi-Fi, IP telephony, security, and possibly optimization. A second kind combines higher-layer services including WAFS, file/print sharing, DHCP, DNS, and application acceleration, which is basically a branch router versus an integrated application-delivery appliance. We recommend that companies evaluate both types, as they are not mutually exclusive. The bottom line with branch all-in-one devices is that IT managers will see as many as 10 remote management touch-points dropping to one or two.
Remote management and monitoring tools
Regardless of the number of remote management touch-points, remote management is a fact of life for branch IT management. Remote management tools give central IT access to remote PCs, servers and network gear. There are three general classes of remote management tools that typically combine into a comprehensive branch remote monitoring and management tool suite: patching, configuration management, and remote access. Patching solutions from companies such as KACE, PatchLink, Lumension, McAfee, Microsoft, Numara, Shavlik and Symantec provide remote distribution of patches to branch desktop devices. Some products are agent-based and some are agent-less. Regardless of type, they are a must-have to deal with the continual flow of patches from operating system and application vendors.
Configuration and systems management tools are often a superset of patch management tools. Vendors such as Avocent (Emerson), BMC, Computer Associates, Configuresoft (EMC), HP, IBM and Novell all offer branch device configuration and systems management.
Finally, a host of remote-control tools are often used in conjunction with patch, configuration and systems management tools. Often, these tools are required when an automated management process fails or for systems that have unique configuration requirements. Examples of remote access tools include: LogMeIn (Windows/Mac), TightVNC (Windows/Linux), TeamViewer (Windows/Mac), Windows Remote Desktop Connection (Windows), UltraVNC (Windows) and Visionapp (Windows/Mac/Linux). At a minimum, the toolset should offer a combination of administrative functions (VPN tools, FTP client and network utilities) and management functions (system, network monitoring and reporting tools). In addition, remote access tools must operate over a VPN and ideally require strong authentication of the remote access session. This is to prevent a man-in-the-middle attack or unauthorized access to the remote user’s system.
Continue reading about managing branch offices in Chapter 3,Mapping WAN technology to branch office network tiers, or visit Bitpipe.com to download the PDF of the full e-book: Simplifying Branch Office Management.
This was first published in September 2010