Video Screencast Help

Why ALTIRIS is Important for SYMANTEC - A Partner Point of View

Created: 07 May 2009 • Updated: 04 Sep 2010 | 12 comments
Language Translations
Pascal KOTTE's picture
+9 17 Votes
Login to vote

Symantec Vision + Altiris ManageFusion: SVMF08 EMEA (Den Haag)

(EN draft version ;-)

The "ManageFusion" Europe has gone in The Hague in October 2008. Symantec, which acquired Altiris in 2007, added "Symantec Vision 2008". The latest acquisition was announced the company MessageLabs. Symantec has acquired 40 companies in 10 years, told us its CEO John W. Thompson. However, he confirmed to reduce the pace of acquisitions. There was "Veritas", "Altiris" and more recently "Transparent Logic Technologies, Inc.". (Tlogic Workflows). Symantec does not buy at random. It is wrong sometimes, as with "OnTechnology (LiveState Suite). But with "Altiris" they finally found a platform for transportation and federation for the rest.
The model of an assembly of independent tools is no longer sufficient. We are moving towards a "Business Process" which includes several solutions with a consolidated interface. For example:
  • The backup and archiving of data merging their resources to maximize storage.

Symantec announces to the "Green IT" with the release of version 8 of "Symantec Enterprise Vault". A single-pass backup provides backup emails or documents users ("Granular restore"). But it also includes data from physical systems or virtual to allow a rapid return to service ("Disaster Recovery").

  • Content control should allow:
    • detect the presence of sensitive data (eg credit card numbers) to encrypt or move (DLP),
    • as the presence of "infested" to clean or isolate (eg, spyware).
  • The detection of flow networks with "sensitive" or "abnormal" may be correlated with the activities and analyzes the content of clients machines, with version 9 of Symantec Data Loss Prevention (DLP).
  • With the Altiris tools, we can massive reinstall all suspicious machines remotely in about an hour.

We can also keep a few machines where the agent "DLP" did not detect significant content for the company, to isolate them in a quarantine network and establish an "escalation" in Symantec labs (see below). Because it is a permanent war on the Net for several years.

The period of "Fun Heroic Hackers" to "infect" the greatest number of computers in the world for the glory is over. Cybercrime is a fact. Hackers are money motivated for lower risks. Young gifted the "Net" continue their prowess to gain recognition and "hack" for the glory. But they are sought by both sides. Hope they do not have to be recruited by the Cyber Mafia. Today we live in a unique historical period: The birth of a new era where the "anything digital" generation alongside the "nothing digital" people. Companies like Symantec have a role to play in this evolution towards an "IT" secure, open and "green*".

Thompson said:

  • In 2007: The rising volumes of data "unstructured" (ie, the office files) from 23% to 63%
  • In 2007: The number of threats is growing 468% ...

Public image of Symantec is suffering a limitation as an antivirus software publisher. To the general public, make security "IT" is simply to protect a computer by installing antivirus software "updated", some more clevers told also to install a firewall. This is no longer true, and that is not enough todays. New threads bypass all "signature based" antivirus & firewall let you go the Net using http, like Trojan does. Security concerns all the elements used for the transportation and information processing:

From

To
Software applications, components for storage or transport (systems and networks)
From the depths of "Datacenter" the position of terminal user interface, including at home or on their phone / PDA *
Protections for physical access (doors, locks, cameras, guards, ...) What is difficult to do for portable terminals and Home workers (crypting solutions. ..)
Is to prevent "leakage" of money or information. To stop "threats" (steal CPUs/Bandwidth, stops services)
Mastering all these elements must ensure;
  1. Business continuity (BCP = Business Continuity Plan) through ongoing preventive activities adjusts the elements of protection and redundancy to increase availability.
  2. The ability to quickly restore service activities, with adequate infrastructure & plans  (DRP = Disaster Recovery Plan).
  3. And preventing the loss of sensitive information, through awareness-raising measures and tools (DLP = Data Loss Prevention).
 
Symantec is the publisher of a portfolio of many hundreds softwares, with a direct and sometimes not seems "security" related. But the group is mainly:
What How much
The owner of a set of laboratories for 24/24h threats monitoring and research.
4 (or 5?)  "Security Operations Centers"  (SOC), +29 "Global Support Centers"
Solutions against are build are taken; In six (or 11?) "Symantec Security Response Labs" (security research centers)
Updates components detection and defense world are published as soon as possible; With the solution "LiveUpdate" set up by Symantec. It is used by more than 300 million customers.

.
"LiveUpdate" allows to update the signatures and the necessary data for a large number of Symantec software (not just the antivirus).

But this is not enough to protect a business.

We need a consistent platform and inter-connected with all hardware, software and human processes. Altiris brings a part of the solution: an open architecture that provides a range of tools to be added to its CMDB*:

  • The Connector Solution "allows to easily build a model from a web page on importing, exporting or simply to update structured external data.
  • The Software Developer Kit (SSDK) enables the development of addon in Java, VB or C #, also as "web services" or simple command line (CLI).
  • The use of ".Net" structure allows to integrate into a SOA* architecture without any specific developments.
  • The "workflow" (Tlogic) allows to build easily process with a human interface connected any structured database, and the Altiris CMDB.
  • The combination of solutions CMDB* and Asset Management provides objects based structures, quickly adaptable to new types can inherit attributes and predefined associations.
  • The heart Altiris Notification Server helps ensure the consistency checks and notifications via "pager / SMS / Email / Web Reports" for all interfaced solutions.
  • Groups of machines or users ( "collections" or "filters" in v.7) are built dynamically from all these criteria and the CMDB*. They are shared and reused by the various solutions.
Symantec Open Collaborative Architecture (OCA) is based entirely on Altiris to stage the other components. This is already the case with the solution "Symantec Endpoint Protection and "Backup Exec System Recovery". The connectors for Symantec Altiris are available free of charge. The combination of Altiris solution with workflow will enable customers and partners to build human process that will lead several disparate elements. From simple calls authenticated web pages (https) piloting tasks and interventions "IT", based on information directly integrated into the Altiris CMDB* (see illustration - source Symantec).

The major change from Altiris (version 7) is "finally" expected this year (2009). All components and solutions is impacted due to a major restructuring to facilitate the delegation of authorities (with hierarchical inheritance).

  • Client/Server Management suite: Include several basic solutions that are heavily modified like "Software Delivery":

How to capture software management change from multiple rules/items configurations, to a predefined easy workflow. Logic is more 'human'. It is based first on list of software detected or reported. A single series of simple operations manage the deployment of software, with the dependencies and updates (patches). It is integrating an update of the inventory according the target into the CMDB*. This will be a little disturbing at the outset for the "regulars" of the version 6, but the adjustment should come easily.

  • The new solution "helpdesk" to "Service Desk 7" (Optimus project replacing the Kitty Hawk project):

It will be based on the workflow solution for the interface with users. It will include management of known issues & standard ITIL* process. The combination of the CMDB with Workflow, makes Altiris an ideal platform to build ITIL* processes like.

  • The new "Deployment Solution" version 7:

It will integrate more and more in the "Notification Server" to be used in the workflow, throw the Server Tasks.

A year 2009 which will be full of changes, but it is just a beginning.

Pascal KOTTÉ
 
Green IT: IT in the world seems to contribute 2% of CO2 production from Gartner. Added to economy of operations "remotly" that became possible thanks to developments in IT and the Internet.
PDA: Pocket Desktop Assistant (phone, calendar and other electronic accessories like)
CMDB: Configuration Management Data Base, a structured database that keeps track of configuration information of IT components and enterprise. It is a term derived from ITIL version 2, renamed CMS for Configuration Management System in version 3.
SOA: Service Oriented Architecture, main idea is to support the "function calls" inter-application through a query such as a simple web URL (http or https), this is related also "Web 2.0" concepts.
ITIL: See www.itsmf.com and wikipedia.org.

Comments 12 CommentsJump to latest comment

Pascal KOTTE's picture

Here the Google Doc publication link for those with any trouble to see image or other problem:
docs.google.com/Doc

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+5
Login to vote
Pascal KOTTE's picture

FRench Version in there:
docs.google.com/Doc

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+5
Login to vote
Tech-O's picture

 I agree with you general ideas on this article but what is lacking is the cutting edge .. Since Symantec bought Altiris the technology advances has stop for over a year.  I even notice Microsoft catching up, not even looking at the smaller companies that don't have a large overhead on management will now start jumping way ahead . do you really think Symantec is investing enough money into the Altiris area. 

They are playing so much catch up now that i wonder if they will ever be able to ........They should already be supporting Windows 2008, 64bit, SQL 2008, IE8, Internet management and Windows 7 

0
Login to vote
ianatkin's picture

 I recall from years ago seeing a slide from Altiris about how much of their revenue they pumped back into their product. I wish I had kept the figures -I recall it being fairly astounding and breaking the trend of most software vendors plunging a huge percentage of their revenue into marketing.

I agree that the Symantec aquisition has halted the development and maintenance of the Altiris product line (from my experience of 5 years working with Altiris), and this has in effect set it back a year. My hope is now that Symantec's significant resources can be put to bear to keep the competition at bay.

And this *is* important. The Altiris product line has not only to be robust, but it must also keep up with the times and expectations of users, IT Managers and of course the folks high up holding the purse strings. I'd like to see Altiris back up at the top as the clear choice for desktop management.

Kind Regards,
Ian./

Ian Atkin, IT Services, Oxford University, UK

Connect Etiquette: "Mark as Solution" those posts which resolve your problem, and give a thumbs up to useful comments, articles and downloads

-1
Login to vote
Pascal KOTTE's picture

I am not agree with you - This year is just showing the out of the major release "7" - CMS 7, Workflow 7, SD7, NS7 (SMP/SMC)...integration of Ghost, PCA, SEP, BESR... SP2 DS 6.9, SP3 is coming, SWV 6.0 (next after SVS 2.1), etc...
I don't know how many, more or less, people are "coding" Altiris solutions since buy from Symantec, but I believe it is more than less.

But I am agree with you about Support matrix is poor & minimal !

- no 64 bits full correct support
(try metering applications, you will never catch any 64 applications !)
Symantec said 7.1 will solve, but when?

- Windows 7 support, not yet there ...

- no SQL 2007/Windows 2008 support: the same hardware can double performance upgrading SQL2005/w2003 to SQL2007/w2008, for sure Altiris solutions is not needing performance enhancement (I am just kidding of course, we need performance improvement, because Altiris developers seems not taking care about "tuning" & "performance" ! For a SD7, you must have 64bit+8GB ram dedicated server ! For sure Intel/HP/Dell/IBM are loving Altiris like Microsoft)
The worst is I was using the RC with SQL express 2007, I was needing to remove for reinstalling final with SQL2005 :-(

So I guess it is also for reducing "support" workload, not only "coding" work overload problems...

SD7 (Service Desk 7) is also out after 2,5 years late... And Symantec was the cause as they buy Tlogic, they drop everything already start for the "Kitty hawk" (helpdesk7), to rebuild a total new solution based Workflow solution.

So I don't think the buy from Symantec reduce the number of Altiris coding peoples & workload, I guess the contrary. But I guess also some less efficacy ;-)

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+1
Login to vote
ianatkin's picture

I don't doubt that more people are now behind the scenes on the Altiris product line. But, Altiris development experienced a hiatus preceeding the acquisition, which I think is the point being stressed here. Yes, there has been a flurry of recent activity with CMS7 and Workflow to replace the ill-fated kitty hawk but the Altiris line is not as advanced as it should be.

This has allowed other vendors to sneak in the cracks.

Symantec at the moment are attempting to cover all the bases with their 'endpoint' line. Sometimes in big organisations, its enough to just tick more boxes than the competitors (or at least not tick less). This results in a lack of innovation -look at the mobile phone market and how Apple completely turned it on its head.

So, to re-iterate my worry -the Altiris line is being developed, but just does not have the platform support and functionality I would have expected at this time. Rightly or wrongly, I see the merger being a strong contributing factor as I suspect this led to a development stoppage whilst Altiris/Symantec ascertained the strengths and weaknesses of their individual products to see which would be taken forward, and which would be dropped.

Kind Regards,
Ian./


Ian Atkin, IT Services, Oxford University, UK

Connect Etiquette: "Mark as Solution" those posts which resolve your problem, and give a thumbs up to useful comments, articles and downloads

+1
Login to vote
Pascal KOTTE's picture

OK, I understand better. Sorry for my english really not perfect.

I also think it is time for Symantec to be more pro-active & "latest version support ready" than any other vendors to improve "Symantec public image".

I suggest all you subscribe & contact your closest User group & plan a global official complain about this to Symantec thrue the "User groups", probably the best way. Another is to write directly Symantec CEO.

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+2
Login to vote
Tech-O's picture

Many of us have already approached Symantec and they have promised to start keeping up with the times. I still see a issues that is going to cause them to be later to the plate with new product support.  If the platform team (mean SMP 7) is late to the plate all the solutions are even later. so lets say the platform group release support for a true 64bit agent in Q1 of 2010, most likely you will not see the solutions (CMS, SMS) support it until Q2. This brings me to think that the platform team should be releasing beta support to the solutions team before a product is RTM. This should allow the Platform and solution team to release support for a new product with-in months of each other . It doesn't do any good to release platform support for 64bit without the solutions supporting it . 

it brings me to another concern. symantec is so busy integrating all of it's product line that i think this is causing the innovation to halt or even somewhat stop. I hope symantec gets the point soon that if you don't keep us the management platform with new inventive technology you are going to start losing your customers to smaller companies that can turnaround a release in weeks/months. 

Keep in mind i previously  thought  Altiris(before Symantec) products were one of the best products but, they are losing ground very quickly . 

+2
Login to vote
Pascal KOTTE's picture

I don't think enough people talk to Symantec for this ;-)
Of course, if we were able to all suspend our AUP/Maintenance renew paiement, as long as Symantec does not commit correctly, they will take more attention to us ;-)
I will push this on my own "user group" meeting in October & ask for the comity to write the CEO.

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+1
Login to vote
adminsecure.sjj@gmail.com's picture

thank you
symantec provide optimal solution for the network
Symantec at the moment are attempting to cover all the bases with their 'endpoint' line. Sometimes in big organisations, its enough to just tick more boxes than the competitors (or at least not tick less). This results in a lack of innovation -look at the mobile phone market and how Apple completely turned it on its head.

+1
Login to vote
Pascal KOTTE's picture

Hi, I don't think large companies like Microsoft, Symantec, can be the best one for software inovation. Most of the time, they just buy the small company, were creating a good inovating solution, & integrate.
So I don't ask to Symantec to be "innovative", but to be "on the market": integrating quick enough for being ready to support latest hardwares, softwares. That's it.
Also, be enough "visionary" to buy the best innovative smallest companies, and to integrate them with efficacity.
Symantec already makes some mistakes, like Client Management Suite LiveState from On Technology acquiring in 2003... And loose a few time for this, so I feel them really at the end of the ITSM market.
But it is never too late, if you can propose more efficient solutions, at a lower cost the competitors. ;-)

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+1
Login to vote
Pascal KOTTE's picture

You can see:
"Symantec Endpoint Protection Suites Now Include Altiris Solutions
On June 8th (2010) Symantec added three new buying center products to the Symantec Protection Suite portfolio: Symantec Protection Suite Enterprise Edition for Endpoints, Gateway. and Servers. Symantec Protection Suite Enterprise Edition for Endpoints includes Altiris Inventory and Patch Management Solutions. In addition all three suites include Symantec Workflow to accelerate incident response and simplify security operations."

~Pascal @ Kotte.net~ Do you speak French? Et utilisez Altiris: venez nous rejoindre sur le GUASF

+1
Login to vote