Enabling SAM Through Software IDTagging

Enabling SAM through Software ID TaggingID TaggingThe value case for Publishers, Tool Providers and Customers

Timothy WilleySenior DirectorPricing and LicensingSymantec

Rene KolgagSenior Product ManagerSecurity and Endpoint ManagementSymantec

80/20 Cost Rule Of Management80/20 Cost Rule Of Management

22%Hardware and

Software

78%78%Support andMaintenance

Enabling SAM through Software ID Tagging 2

Source: Gartner, 2008

But managing assets is more than just saving costsBut managing assets is more than just saving costs…

License Management Budgeting Security

Configuration ManagementManagement

• Compliance• Re use

Budgeting

• Charge Back• Procurement

Security

• Authorizations• Patches installed

Management

• Optimize IT• Business Value• Re‐use

• Transfer• Retirement• Tracking

Procurement• Minimize TCO• Maximize ROI• Optimize Spend

Patches installed• Policies followed

• Business Value• Automation• Policy based• ProductivityTracking Optimize Spend Productivity

Building the Foundation for Effective SAMBuilding the Foundation for Effective SAM

Accurate Entitlement Information Accurate Inventory InformationAccurate Inventory Information

Software Tagging


Managing inventory information today is hardManaging inventory information today is hard…

Requirements Status Comments

Standard discovery Multiple tools & platforms = multiple answers

Single collection tool Vendors require specific tools high support costsSingle collection tool Vendors require specific tools high support costs

Centralized reporting Multiple business units / tools = lengthy reporting cycleLimited

Normalized data Accuracy is critical, typically needs vendor signoff

Automation Requires normalized and authoritative data

Entitlement aligned Difficult to align easy to over deploy

Limited

Entitlement aligned Difficult to align easy to over‐deploy

IT Process Integration To align with Config systems and Budgeting processLimitedIntegration


Software ID Tags can make this much easierSoftware ID Tags can make this much easier

Requirements Status Comments

Standard discovery Standard XML files for all publishers and platforms

Single collection tool Same answer for all tools on all platformsSingle collection tool Same answer for all tools on all platforms

Centralized reporting Enabled through consistent data for all tools

Normalized data All common data values are normalized

Automation Enabled through consistent and normalized data

Entitlement aligned Software ID Tags can be mapped to EntitlementsEntitlement aligned Software ID Tags can be mapped to Entitlements

IT Process Integration Definitive ID file allows easier integrationIntegration


Everything needed to manage software is in the tagEverything needed to manage software is in the tag … Company X BackItUp 2012 Media Server

•Designed for SAM• Standard, open XML format

Entitlement_Required: TrueProduct:_Title: BackItUp 2012 Media ServerP d V i “2012” 3 0 1 2

Media Server

• Simplifies discovery• Signed, definitive, authoritative•Unique identifier for component

Product_Version: “2012”, v 3.0.1.2Software_Licensor: Company XSoftware_id: BackItUp‐2012‐Media‐Server Unique identifier for component

•Clear mapping to entitlement records• Facilitates security – patches clear, signed file manifest

Abstract: The BackItUp Media Server is …..Installation_Details: location, locales, …Activation Status: Activated file manifest

•Can identify specific product offering for support calls / self‐service support

Activation_Status: ActivatedPackage_Footprint: software DNA .. signed file manifest, install packages, etc. P d t F il B kItU • Facilitates license “true‐up” process

• End‐user can augment tags – BU, etc.

Product Family: BackItUpUpgrade_For: BackupItUp 2011 & 2010Usage_identifier: List of running processes


With tags It’s as easy as 1 2 3!With tags … It s as easy as 1, 2, 3!

Tag Storage Manager 2.0 AdvancedLi3

TagTag

BackItUp 3.0 Shared Storage Option, 529 drives BackItUp 3.0 Media Server

CMDB U d t d

License manager generates

consolidated inventory report

2

Tags harvested, sent to CMDB

Updated y p

1

Consolidated Software Asset ReportServer

Publisher Product Title CountSymantec Storage Manager 2 0 Advanced 1

TagTag

Tag

Storage Manager 2.0 StandardBackItUp 3.0 Shared Storage Option, 348 drives

BackItUp 3.0 Media ServerT

Symantec Storage Manager 2.0 Advanced 1Symantec Storage Manager 2.0 Standard 1

SymantecBackItUp 3.0 Shared Storage Option 877

Tag BackItUp 3.0 Agent For Windows, 122 servers Tag WebsApp 9.0, 2234 active users

Tag EnterpriseDB 9.0 Professional 1934 active users

Symantec BackItUp 3.0 Media Server 2Symantec BackItUp 3.0 Agent for Windows 122WebIT WebApp 9.0 2234Acme EnterpriseDB 9 0 Professional 1934


Acme EnterpriseDB 9.0 Professional 1934Note: All products shown are fictional and are for example purposes only.

Standard, scalable, repeatable = faster, cheaper, betterbetterInventory reporting without Tags

SW artifacts gleaned (files, Add/Remove, PKG/RPM,

etc.)

Proprietary ID engine

analyzes data

Updates made to CMDB

Inventory report

generated

End‐user manually fixes

report

• Not designed for SAM

• Not definitive, or authoritative

• Not standard

• Lacks feature detail• False positives• Not aligned with entitlemententitlement

Reduce time by 60%+Inventory reporting with Tags

Reduce time by 60%+ No recurring data fix‐upReduces false positivesOEM SW ID simplifiedD i d f F i

Tags harvestedUpdates made to CMDB

Inventory report

generated

OEM SW ID simplifiedSupport across vendorsAligned with entitlements

• Designed for SAM

• Std, definitive, authoritative

• Faster generation• Supports more accurate license true‐ups

88Enabling SAM through Software ID Tagging

p

There has been great progress .. but challenges remainremain

Progress Challenges

• ISO 19970‐2 published Oct‐2009• TagVault.org non‐profit set‐up

• Software Publishers and Tool Providers waiting for demand

• End users just beginning to see• Certification guidelines published• Validation and tag creation tools available to members

• End users just beginning to see potential

• Consistency of implementation available to members• Current members include CA, Symantec, ModusLink, GSA, DoD,…

across publishers

• All agree tags are good, will help, but no compelling event driving adoption• Adobe and Symantec have tags in

some products today• Support emerging from SAM tool

no compelling event driving adoption

However there is oneSupport emerging from SAM tool vendors – Symantec, CA, Aspera, and Sassafras

However, there is one event on the horizon …


Uncle SAM soon to say “No tags No dice!”

Fed ITAM Challenges Tags are critical

Uncle SAM soon to say No tags .. No dice!

Path Forward

• $82B IT spend in 2010 • GSA has joined “Requiring software identification tags • 5.4M+ devices• Recurring inventory data

calls expensive

jTagVault.org

• Helped develop certification guidelines

q g gin all procurements is critical to

eliminating the overall complexity of ITAM issues” Fed ITAM Program

Manager p• Executive Order –

Comply with all license agreements

certification guidelines

• GSA to add standard tagging requirements to SmartBuy

“Unless modified by delivery order, commercial-off-the-shelf software

products released for production after January 1, 2011 shall include a g

• Monitoring compliance with security policies

• Optimizing HW & SW

SmartBuy

• USAF has already adding requirements for tags

software identification tag ”GSA SmartBuy (draft)

“2.3.8 Software Tagging - Unless modified by delivery order, After 1 Jan• Optimizing HW & SW

purchasing

modified by delivery order, After 1 Jan 2010, commercial off-the-shelf software items shall support

International Standard for Software Tagging ”

USAF NetCents 2 RFP


USAF NetCents 2 RFP

Software ID Tags are “Win‐Win” for everyone!everyone!

• Reduce customer TCO• Reduce revenue leakage

Publishers

g• Reduce support costs• Enable utility‐based and virtual licensing models

• Reduce compliance riskR d i t lib

CustomersTool Providers Software

ID Tags

• Reduce compliance risk• Maximize software ROI• Optimize deployments• Reduce reporting time• Improve security

• Reduce signature library costs

• Differentiate SAM tools• Allow integration with other tools


Software ID Tags are “Win‐Win” for everyone!everyone!

• Require vendors

Customers Demand change

• Be part of the solution

Vendor Call to Action

• Reduce customer TCO• Reduce revenue leakage

Publishers

to support tagging

• Join TagVault.org

• Join TagVault.org• Shape the implementation

g• Reduce support costs• Enable utility‐based and virtual licensing models

•Develop end‐user tags

• Tag internally

• Stay ahead of the GSA

•Avoid having to • Reduce compliance riskR d i t lib

CustomersTool Providers Software

ID Tags

ag te a ydeveloped apps

Avoid having to implement norms set by others

• Reduce compliance risk• Maximize software ROI• Optimize deployments• Reduce reporting time• Improve security

• Reduce signature library costs

• Differentiate SAM tools• Allow integration with other toolsothers


Web ResourcesWeb Resources• Join TagVault.org

http://www.tagvault.org/member landingp // g g/ _ g

Contact Steve Klos, Exec. Director, [email protected]

• Fed ITAM Programhtt // / t l/ t t/103237http://www.gsa.gov/portal/content/103237http://www.gsa.gov/feditam

• OSD ESI Program: http://www.esi.mil/contentview.aspx?id=227&type=1

• Whitepapers on software identification : http://www.tagvault.org/white‐papers

• Executive Order #13103: http://frwebgate.access.gpo.gov/cgi‐bin/getdoc cgi?dbname=1998 register&docid=fr05oc98‐130 pdfbin/getdoc.cgi?dbname 1998_register&docid fr05oc98 130.pdf

• IDC Analyst support for SWID Tagging ‐ “ISO 19770 Software Tagging Standard — All Eyes on GSA”

http://www.idc.com/getdoc.jsp?sessionId=&containerId=lcUS22474310• Certification Documentation for SWID Tags

http://www tagvault org/GSA Working Group Certification Document


http://www.tagvault.org/GSA_Working_Group_Certification_Document

Thank you!

Any questions – please [email protected] Kolga@symantec [email protected]

Forward-looking Statements: Any forward-looking indication of plans for products or programs is preliminary and all future release or delivery dates are tentative and are subject to change. Any future program plans, or release of a

d t l d difi ti t d t bilit f ti lit f tproduct or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making program participation or product purchasing decisions.

Enabling SAM Through Software IDTagging

Technology

Transcript of Enabling SAM Through Software IDTagging