Extracting real value from SCCM with IT Asset Management tools
By Edward Cartier, xAssets LLC
Nearly every IT department uses some form of a systems management tool (SMT) such as Microsoft's System Center Configuration Manager (SCCM), but too many rely on their systems management software to perform IT Asset Management (ITAM) functions. SMT's do the things they are designed for very well, but are not a substitute for a comprehensive ITAM or Software Asset Management (SAM) solution. By using flexible ITAM and SAM tools that easily integrate external data and have a dynamic report writer, IT pros can extract real value from their SCCM investment.
It is axiomatic that good information leads to good decisions. The cost of perfect information has long been debated in business schools, but no real answers were ever forthcoming. However, most business leaders would gladly pay a small amount to improve the accuracy, level of detail and reliability of the information their systems generate.
Consider a different but analogous business situation. The company needs a third party to represent it in public. It needs a firm that has people who can write, express themselves well, know the business, and present the company in a positive manner to the public. Using those criteria, either a law firm or a public relations firm would meet the specifications; however, the CEO wouldn't want the attorneys to write his advertising, nor would he want a PR firm to represent the company in court. Just as in selecting a professional services company, it's important to determine exactly what is expected from a SMT or ITAM solution.
System Center Configuration Manager (SCCM) surveys and discovers networked devices, including servers, client PCs and smartphones, connected to your system through Active Directory. SCCM installs client software on each node and compiles an inventory database with records on each asset and the software installed on each device, along with the details about the hardware configurations. It uses this data to target application deployments to groups of devices or users.
SCCM provides application recognition capability, which is necessary to get a usable understanding of what software is installed across the IT estate. SCCM's inventory agent can also collect application usage data, which shows what software is not only installed but actually being used. All of these are important pieces of an overall software asset management (SAM) and license optimization program, but knowing what is installed is only the first step in the process.
Systems Management tools are defined as solutions that manage enterprise-wide administration of distributed systems, including computer systems. Systems management is strongly influenced by network management. Maximum productivity can be achieved more efficiently through event correlation, system automation, and predictive analysis. It includes remote control, patch management, software distribution, operating system deployment, network access protection, and hardware and software inventory. Note the lack of any (ITAM) capabilities.
SMTs play a key role in maintaining the overall IT infrastructure, especially in terms of providing remote control, patch management, software distribution, operating system deployment, network access protection, and hardware and software inventory. As part of that function SMTs must be able to discover and identify devices on the network and have some "awareness" of the software already installed. Many have reporting capabilities built in, which lead some IT managers to rely on the SMT for hardware and software discovery and inventory. Therein lies the making of a problem.
Unlike ITAM systems, SMTs are not designed to collect or report detailed system information. After all, their main purpose is to get software out to the endpoints and provide some level of network protection; however, they are not designed to thoroughly interrogate those endpoint devices.
SCCM utilizes deployed agents to collect configuration information. According to the publisher's website, the software collects hardware and software inventory by enabling the client agents on a site-by-site basis. The hardware inventory agent collects available disk space, processor type and operating system for each computer. The software agent, in turn, identifies inventoried file types and versions and collects specified files.4 The Inventory client agents then can be used to create an inventory report based on the client inventory information collected. The resulting reports are perfectly suited for administering software on the network, but not detailed enough for use in an ITAM practice.
ITAM is defined as "The set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment. Assets include all elements of software and hardware that are found in the business environment". ITAM includes gathering detailed hardware and software inventory, and ITAM practices minimize the risks and related costs of advancing IT portfolio infrastructure projects based on old, incomplete and/or less accurate information.
The same, but different?
There is a world of difference between the information generated by a solution that is primarily designed to deploy software across a network and one that is intended to "join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment." ITAM solutions do not manage systems well and SMTs do not perform ITAM tasks well. However, combined, they make a superb team.
The smart return
System Center represents a great strategic decision for taking control of your IT infrastructure. The software requires a substantial investment of time and money but for large environments the returns are substantial and worthwhile. A few years ago a paper was published suggesting that an organization running 50,000 clients could save 5,500 man hours per year and $290,000 USD plus some additional one-time savings.
Integration for the complete solution
However, a small additional investment in a full lifecycle ITAM tool can give you a much bigger return by giving you visibility and organizational control over those assets through functions that are not available in SCCM.
Using two solutions raises the question about data consistency and integrity. Management needs to have one, reliable, accurate source of information regarding the IT infrastructure. If hardware devices, including network infrastructure components such as switches and routers, are omitted then decisions regarding upgrades, and disposals are impacted. If software licenses and installations are missed, software license compliance is impacted. Manual reconciliations of two systems are difficult, time consuming, and prone to errors.
However, this needs not be a concern. A competent ITAM solution will utilize the data collected by the SMT and combine it with the discovery and inventory data, eliminating duplicates and providing a complete detailed inventory of the network. Moreover, an agent-less ITAM solution will scan every device detected and will report those devices without an agent, or in which the agent has been removed or is corrupted. Where an SMT solution may report the make, model and quantity of the discovered devices, the ITAM solution will report the discovery date, asset type, serial number, description, asset number (bar code), OS version, disk space, processor type, physical location and user name. The following Venn diagram illustrates the real benefit of using an ITAM solution in conjunction with a systems management tool.
The same applies to software. Consider the following SCCM report:
It displays the title, vendor version, software category, family and state. It's good enough to define what is on the system, but hardly adequate for an audit or for a licensing analysis.
Now consider the level of detail generated by xAssets' ITAM solution that has imported software information from SCCM.
The inventory, plus all the relevant licensing information, is displayed in a format that can be used by IT managers to identify problems and make decisions regarding software acquisitions.
The benefits of utilizing both a systems management tool and an IT asset management tool are numerous. Beyond generating actionable information about the entire IT infrastructure, a complete ITAM solution can be used to discover and report on devices with faulty or no agent. It scans every device, even those which may not support an agent. Software titles are normalized, creating accurate information crucial in performing license reconciliation. Moreover, the ITAM solution is designed to create a wide range of standard and customized reports that provide in-depth information to management. The ITAM system will also perform lifecycle analysis, identifying obsolete and disposed devices.
Just as relying on the corporate law firm to develop advertising because lawyers can write, is a bad idea, so is relying on a systems management tool to perform IT asset management. Using the right tools for the job always gets the task done the right way.